Analysis Overview
SHA256
192a92a9b50998d7a9940218c9a3e98f854961034cc0d296b0bb17e6d9b8b79a
Threat Level: Likely malicious
The file windows-malware was found to be: Likely malicious.
Malicious Activity Summary
Blocklisted process makes network request
Downloads MZ/PE file
Boot or Logon Autostart Execution: Active Setup
Possible privilege escalation attempt
Event Triggered Execution: AppInit DLLs
Loads dropped DLL
Modifies file permissions
Executes dropped EXE
Adds Run key to start application
Writes to the Master Boot Record (MBR)
Network Share Discovery
Legitimate hosting services abused for malware hosting/C2
Enumerates connected drives
Checks installed software on the system
Drops file in System32 directory
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of NtCreateThreadExHideFromDebugger
Subvert Trust Controls: Mark-of-the-Web Bypass
Drops file in Windows directory
Enumerates physical storage devices
Access Token Manipulation: Create Process with Token
Program crash
Event Triggered Execution: Accessibility Features
System Location Discovery: System Language Discovery
Browser Information Discovery
Suspicious use of SetWindowsHookEx
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious behavior: GetForegroundWindowSpam
Uses Volume Shadow Copy service COM API
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious use of WriteProcessMemory
Modifies registry class
Uses Task Scheduler COM API
Checks SCSI registry key(s)
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious use of UnmapMainImage
Kills process with taskkill
Modifies data under HKEY_USERS
Modifies Internet Explorer settings
NTFS ADS
Suspicious behavior: AddClipboardFormatListener
Uses Volume Shadow Copy WMI provider
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-06 20:17
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-06 20:17
Reported
2024-08-06 20:47
Platform
win11-20240802-en
Max time kernel
1718s
Max time network
1821s
Command Line
Signatures
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Boot or Logon Autostart Execution: Active Setup
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\software\WOW6432Node\microsoft\Active Setup\Installed Components | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| Key created | \REGISTRY\MACHINE\software\WOW6432Node\microsoft\Active Setup\Installed Components | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000\Software\Microsoft\Active Setup\Installed Components | C:\Windows\explorer.exe | N/A |
Downloads MZ/PE file
Event Triggered Execution: AppInit DLLs
Possible privilege escalation attempt
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\takeown.exe | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | N/A | N/A |
| N/A | N/A | C:\Windows\SysWOW64\icacls.exe | N/A |
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\tv_enua = "RunDll32 advpack.dll,LaunchINFSection C:\\Windows\\INF\\tv_enua.inf, RemoveCabinet" | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
Checks installed software on the system
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\D: | C:\Windows\explorer.exe | N/A |
| File opened (read-only) | \??\F: | C:\Windows\explorer.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Network Share Discovery
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Desktop\geometry dash auto speedhack.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\SysWOW64\SETFCBD.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File created | C:\Windows\SysWOW64\SETFCBD.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\SysWOW64\msvcp50.dll | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\msagent\SETFA1F.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File created | C:\Windows\msagent\SETFA30.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\msagent\mslwvtts.dll | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\lhsp\tv\tvenuax.dll | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\fonts\andmoipa.ttf | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagwrn.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\msagent\SETFA1D.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File created | C:\Windows\lhsp\tv\SETFCA8.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\lhsp\tv\tv_enua.dll | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File created | C:\Windows\INF\SETFCAC.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentCtl.dll | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File created | C:\Windows\msagent\SETFA19.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\INF\SETFA20.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\msagent\SETFA1E.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentPsh.dll | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File created | C:\Windows\INF\SETFA20.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\INF\agtinst.inf | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setuperr.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagerr.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File created | C:\Windows\msagent\SETFA1A.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\msagent\SETFA1C.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentSR.dll | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgtCtl15.tlb | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentDPv.dll | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File created | C:\Windows\msagent\SETFA1D.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\lhsp\tv\SETFCA9.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\INF\SETFCAC.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File created | C:\Windows\finalDestruction.bin | C:\Users\Admin\Desktop\Bonzify.exe | N/A |
| File created | C:\Windows\msagent\SETFA1B.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\help\Agt0409.hlp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File created | C:\Windows\fonts\SETFCAB.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setuperr.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File created | C:\Windows\msagent\SETFA18.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\msagent\SETFA1B.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentSvr.exe | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File created | C:\Windows\msagent\SETFA1E.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\fonts\SETFCAB.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setupact.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagwrn.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\msagent\SETFA30.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\help\SETFA31.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\lhsp\help\tv_enua.hlp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\WinSxS\wow64_microsoft-windows-s..sor-native-whitebox_31bf3856ad364e35_10.0.22000.120_none_a6af4a93eb065fad\RMActivate.exe | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagerr.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\msagent\SETFA19.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentDp2.dll | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setupact.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\msagent\SETFA1F.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File created | C:\Windows\help\SETFA31.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\lhsp\help\SETFCAA.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File created | C:\Windows\msagent\chars\Bonzi.acs | C:\Users\Admin\Desktop\Bonzify.exe | N/A |
| File created | C:\Windows\msagent\SETFA1C.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\msagent\intl\Agt0409.dll | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\lhsp\tv\SETFCA8.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File created | C:\Windows\lhsp\help\SETFCAA.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File created | C:\Windows\executables.bin | C:\Users\Admin\Desktop\Bonzify.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentMPx.dll | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\SystemTemp | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File opened for modification | C:\Windows\msagent\SETFA18.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\msagent\SETFA1A.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\msagent\AgentAnm.dll | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File created | C:\Windows\msagent\intl\SETFA32.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File created | C:\Windows\lhsp\tv\SETFCA9.tmp | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| File opened for modification | C:\Windows\INF\tv_enua.inf | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\geometry dash auto speedhack.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Bloxstrap-v2.7.0.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Bonzify.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Access Token Manipulation: Create Process with Token
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Browser Information Discovery
Enumerates physical storage devices
Event Triggered Execution: Accessibility Features
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\Taskmgr.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\notepad.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\notepad.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\SysWOW64\taskkill.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Windows\msagent\AgentSvr.exe |
| N/A | N/A | N/A | C:\Users\Admin\Desktop\Bonzify.exe |
| N/A | N/A | N/A | |
| N/A | N/A | N/A |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\Bonzify.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\control.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\DllHost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\takeown.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\msagent\AgentSvr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\grpconv.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\geometry dash auto speedhack.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\geometry dash auto speedhack.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\geometry dash auto speedhack.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\geometry dash auto speedhack.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\notepad.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\icacls.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\grpconv.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\msagent\AgentSvr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\geometry dash auto speedhack.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\notepad.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\geometry dash auto speedhack.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\notepad.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\DllHost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Desktop\geometry dash auto speedhack.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\explorer.exe | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0002 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\ConfigFlags | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0002 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000 | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\HardwareID | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\0064 | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\ConfigFlags | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\HardwareID | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\0064 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{afd97640-86a3-4210-b67c-289c41aabe55}\0002 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\HardwareID | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Capabilities | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\HardwareID | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\0064 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Capabilities | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\FriendlyName | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Capabilities | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{afd97640-86a3-4210-b67c-289c41aabe55}\0002 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{259abffc-50a7-47ce-af08-68c9a7d73366}\000C | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{afd97640-86a3-4210-b67c-289c41aabe55}\0003 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{a45c254e-df1c-4efd-8020-67d146a850e0}\0011 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\007A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Capabilities | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000001\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{51236583-0c4a-4fe8-b81f-166aec13f510}\0064 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{afd97640-86a3-4210-b67c-289c41aabe55}\0003 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{8c7ed206-3f8a-4827-b3ab-ae9e1faefc6c}\0004 | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{cf73bb51-3abf-44a2-85e0-9a3dc7a12132}\0006 | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{78c34fc8-104a-4aca-9ea4-524d52996e57}\005A | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\FriendlyName | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}\0009 | C:\Windows\explorer.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_QEMU&Prod_QEMU_DVD-ROM\4&215468a5&0&010000\FriendlyName | C:\Windows\explorer.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_Msft&Prod_Virtual_DVD-ROM\2&1f4adffe&0&000002\Properties\{a45c254e-df1c-4efd-8020-67d146a850e0}\0011 | C:\Windows\explorer.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
Kills process with taskkill
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| N/A | N/A | N/A | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000\Software\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\ITBar7Layout = 13000000000000000000000020000000100000000000000001000000010700005e01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000\Software\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000\Software\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (data) | \REGISTRY\USER\S-1-5-20\Control Panel\Input Method\Hot Keys\00000202\Target IME = 00000000 | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@%SystemRoot%\system32\dssvc.dll,-10003 = "Data Sharing Service" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@%SystemRoot%\System32\drivers\scfilter.sys,-11 = "Smart card PnP Class Filter Driver" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-19\AppEvents\EventLabels\Minimize\ = "Minimize" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-20\AppEvents\Schemes\Apps\.Default\Notification.Looping.Alarm4\.Current\ = "%SystemRoot%\\media[Alarm04.wav" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-20\Console\FontFamily = "0" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\4\PMDisplayName = "Restricted sites [Protected Mode]" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\ = "ÿ" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\PushNotifications\Backup\Windows.SystemToast.Devices\appType = "app:system" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-19\AppEvents\EventLabels\WindowsUnlock\ = "Windows Unlock" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-19\Control Panel\Appearance\Schemes\@themeui.dll,-854 = 02000000f40100000100000010000000100000001200000012000000f5ffffff000000000000000000000000bc02000000000000000000005400610068006e006d006100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0000000f000000f5ffffff000000000000000000000000bc02000000000000000000005400610068006f006d006100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001200000012000000f5ffffff0000000000000000000000009001000000000000000000005400610068006f006d00610000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f5ffffff0000000000000000000000009001000000000000000000005400610068006f006d00610000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f5ffffff0000000000000000000000009001000000000000000001005400610068006f006d00610000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000f5ffffff0000000000000000000000009001000000000000000000ff5400610068006f006d00610000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d4d0c8003a6ea5000a246a0080808000d4d0c800ffffff00000000000000000000000000ffffff00d4d0c800d4d0c800808080000a246a00ffffff00d4d0c800808081008080800000000000d4d0c800ffffff0040404000d4d0c8000000ff00ffffe100b5b5b50000008000a6caf000c0c0c000 | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-19\AppEvents\Schemes\Apps\.Default\Notification.Looping.Alarm10\.Default\ = "%SystemRoot%\\media\\Alarm10.wav" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-19\Control Panel\Desktop\Colors\ButtonLight = "212 208 200" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\SearchPlatform\Preferences\DisableAutoNavigateURL = "0" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\IE5_UA_Backup_Flag = "5.0" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-20\Console\%SystemRoot%_System32_WindowsPowerShell_v1.0_powershell.exe\PopupColors = "243" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-20\AppEvents\Schemes\Apps\sapisvr\MisrecoSound\.current\ = "%SystemRoot%\\media\\Speech Misrecognition.wav" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\Software\Classes\Local Settings\MuiCache\26\52C64B7E\@%systemroot%\system32\spectrum.exe,-101 = "Windows Perception Service" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-19\AppEvents\EventLabels\Notification.Proximity\DispFileName = "@mmres.dll,-5858" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\AppEvents\EventLabels\WindowsUnlock\ExcludeFromCPL = "1" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-19\AppEvents\Schemes\Apps\.Default\Notification.Looping.Call10\.Current\ = "%SystemRoot%\\media\\Ring11.wav" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Console\WindowAlpha = "255" | C:\Windows\SysWOW64\Taskmgr.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A7B93C8F-7B81-11D0-AC5F-00C04FD97575}\ = "IAgentCharacter" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoftwindows.client.cbs_cw5n1h2txyewy\Internet Explorer\DOMStorage\www.bing.com\ = "1064" | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B0913410-3B44-11D1-ACBA-00C04FD97575}\TypeLib\ = "{F5BE8BC2-7DE6-11D0-91FE-00C04FD701A5}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15300#immutable1 = "RemoteApp and Desktop Connections" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A7B93C85-7B81-11D0-AC5F-00C04FD97575}\TypeLib\ = "{A7B93C73-7B81-11D0-AC5F-00C04FD97575}" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6BA90C00-3910-11D1-ACB3-00C04FD97575}\TypeLib\ = "{A7B93C73-7B81-11D0-AC5F-00C04FD97575}" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell\WinPos1920x1200x144(1).bottom = "1024" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{F5BE8BD2-7DE6-11D0-91FE-00C04FD701A5}\InprocServer32\ThreadingModel = "Apartment" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Agent.Server.2 | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D45FD2FC-5C6E-11D1-9EC1-00C04FD7081F}\ProgID\ = "Agent.Server.2" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A7B93C83-7B81-11D0-AC5F-00C04FD97575}\ = "IAgentCommand" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\.acs\ = "Agent.Character2.2" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Agent.Character.2\shellex\PropertySheetHandlers\CharacterPage\ = "{143A62C8-C33B-11D1-84FE-00C04FA34A14}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CA141FD0-AC7F-11d1-97A3-0060082730FF}\InprocServer32\ = "C:\\Windows\\lhsp\\tv\\tv_enua.dll" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D7A6D440-8872-11D1-9EC6-00C04FD7081F}\ProxyStubClsid32 | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\TrayNotify\UserStartTime = "133670857060696842" | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\0\0 = 1e007180000000000000000000005427636023c5624bb45c4172da0126190000 | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D6589121-FC70-11D0-AC94-00C04FD97575}\TypeLib | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000_Classes\roblox-player\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Bloxstrap\\Bloxstrap.exe\" %1" | C:\Users\Admin\Downloads\Bloxstrap-v2.7.0.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{143A62C8-C33B-11D1-84FE-00C04FA34A14}\InprocServer32\ThreadingModel = "Apartment" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A7B93C89-7B81-11D0-AC5F-00C04FD97575} | C:\Windows\msagent\AgentSvr.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{48D12BA0-5B77-11D1-9EC1-00C04FD7081F}\TypeLib | C:\Windows\msagent\AgentSvr.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Agent.Character.2\DefaultIcon | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A7B93C8F-7B81-11D0-AC5F-00C04FD97575}\TypeLib | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F5BE8BC2-7DE6-11D0-91FE-00C04FD701A5}\2.0\HELPDIR | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F5BE8BD9-7DE6-11D0-91FE-00C04FD701A5}\ = "IAgentCtlCharacter" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1DAB85C3-803A-11D0-AC63-00C04FD97575}\TypeLib\ = "{F5BE8BC2-7DE6-11D0-91FE-00C04FD701A5}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6D0ECB27-9968-11D0-AC6E-00C04FD97575} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{24CCB8A6-C45A-477D-B940-3382B9225668}\LogicalViewMode = "2" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1DAB85C3-803A-11D0-AC63-00C04FD97575}\ = "IAgentCtlRequest" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F5BE8BF0-7DE6-11D0-91FE-00C04FD701A5} | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6D0ECB23-9968-11D0-AC6E-00C04FD97575}\TypeLib | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{D6589123-FC70-11D0-AC94-00C04FD97575}\2.0\HELPDIR\ = "C:\\Windows\\msagent\\AgentSvr.exe\\" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4313#immutable1 = "Configure your Internet display and connection settings." | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F5BE8BE8-7DE6-11D0-91FE-00C04FD701A5}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F5BE8BDF-7DE6-11D0-91FE-00C04FD701A5}\TypeLib\Version = "2.0" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{00D18159-8466-11D0-AC63-00C04FD97575} | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\{24CCB8A6-C45A-477D-B940-3382B9225668}\FFlags = "1092616193" | C:\Windows\explorer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{95A893C3-543A-11D0-AC45-00C04FD97575}\InprocServer32\ = "C:\\Windows\\msagent\\mslwvtts.dll" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A7B93C8B-7B81-11D0-AC5F-00C04FD97575}\ = "IAgentPropertySheet" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A7B93C8D-7B81-11D0-AC5F-00C04FD97575}\TypeLib\ = "{A7B93C73-7B81-11D0-AC5F-00C04FD97575}" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D6589121-FC70-11D0-AC94-00C04FD97575}\ProxyStubClsid32 | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A7B93C80-7B81-11D0-AC5F-00C04FD97575}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{48D12BA0-5B77-11D1-9EC1-00C04FD7081F}\ = "IAgentEx" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F5BE8BE8-7DE6-11D0-91FE-00C04FD701A5}\TypeLib\ = "{F5BE8BC2-7DE6-11D0-91FE-00C04FD701A5}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F5BE8BF0-7DE6-11D0-91FE-00C04FD701A5}\TypeLib | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6D0ECB27-9968-11D0-AC6E-00C04FD97575}\ = "IAgentCtlCommandsWindow" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F5BE8BC2-7DE6-11D0-91FE-00C04FD701A5}\1.5\0\win32\ = "C:\\Windows\\msagent\\AgtCtl15.tlb" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D6589121-FC70-11D0-AC94-00C04FD97575}\ = "IAgentExt" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D45FD31B-5C6E-11D1-9EC1-00C04FD7081F}\Version | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{822DB1C0-8879-11D1-9EC6-00C04FD7081F}\TypeLib\Version = "2.0" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A7B93C83-7B81-11D0-AC5F-00C04FD97575}\TypeLib\Version = "2.0" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A7B93C87-7B81-11D0-AC5F-00C04FD97575}\ = "IAgentSpeechInputProperties" | C:\Windows\msagent\AgentSvr.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\0\0\MRUListEx = 00000000ffffffff | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\Shell\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{A7B93C8B-7B81-11D0-AC5F-00C04FD97575} | C:\Windows\msagent\AgentSvr.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{98BBE491-2EED-11D1-ACAC-00C04FD97575} | C:\Windows\msagent\AgentSvr.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307} | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{F5BE8BD2-7DE6-11D0-91FE-00C04FD701A5}\MiscStatus | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F5BE8BDB-7DE6-11D0-91FE-00C04FD701A5}\ProxyStubClsid32 | C:\Windows\SysWOW64\regsvr32.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F5BE8BDB-7DE6-11D0-91FE-00C04FD701A5}\TypeLib\ = "{F5BE8BC2-7DE6-11D0-91FE-00C04FD701A5}" | C:\Windows\SysWOW64\regsvr32.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 225018.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Bonzify.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 840113.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\geometry dash auto speedhack.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Solara.zip:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 476049.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\Bloxstrap-v2.7.0.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File created | C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe\:SmartScreen:$DATA | C:\Users\Admin\Downloads\Bloxstrap-v2.7.0.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Windows\explorer.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Users\Admin\Desktop\geometry dash auto speedhack.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\Downloads\Bloxstrap-v2.7.0.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe | N/A |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeDebugPrivilege | N/A | C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe | N/A |
| Token: 33 | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\system32\AUDIODG.EXE | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SysWOW64\taskkill.exe | N/A |
| Token: 33 | N/A | C:\Windows\msagent\AgentSvr.exe | N/A |
| Token: SeIncBasePriorityPrivilege | N/A | C:\Windows\msagent\AgentSvr.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeCreatePagefilePrivilege | N/A | C:\Windows\explorer.exe | N/A |
| Token: SeShutdownPrivilege | N/A | C:\Windows\explorer.exe | N/A |
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of UnmapMainImage
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\windows-malware
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb8ef4cc40,0x7ffb8ef4cc4c,0x7ffb8ef4cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1824,i,12679082747063903829,6399962478123712093,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1820 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2108,i,12679082747063903829,6399962478123712093,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2120 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2196,i,12679082747063903829,6399962478123712093,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2212 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3120,i,12679082747063903829,6399962478123712093,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3112 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3172,i,12679082747063903829,6399962478123712093,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3356 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4448,i,12679082747063903829,6399962478123712093,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1860 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2040 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2756 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4224 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5020 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5032 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5480 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5192 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5988 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5728 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4052 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaService --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=6756 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6972 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7308 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6240 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5716 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7756 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8076 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7492 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8132 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7792 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=8136 /prefetch:2
C:\Users\Admin\Downloads\Bloxstrap-v2.7.0.exe
"C:\Users\Admin\Downloads\Bloxstrap-v2.7.0.exe"
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-01a570a3cd0a46f2\RobloxPlayerBeta.exe
"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-01a570a3cd0a46f2\RobloxPlayerBeta.exe" --app -channel production
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7856 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7024 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8120 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8080 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2612 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7496 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x000000000000047C 0x00000000000004C0
C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe
"C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe"
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-01a570a3cd0a46f2\RobloxPlayerBeta.exe
"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-01a570a3cd0a46f2\RobloxPlayerBeta.exe" --app -channel production
C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe
"C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe"
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-01a570a3cd0a46f2\RobloxPlayerBeta.exe
"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-01a570a3cd0a46f2\RobloxPlayerBeta.exe" --app -channel production
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7656 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8172 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3488 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3640 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7060 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5836 /prefetch:1
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7336 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6512 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7896 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5204 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9164 /prefetch:1
C:\Windows\System32\oobe\UserOOBEBroker.exe
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\Windows\System32\oobe\UserOOBEBroker.exe
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7980 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8900 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8792 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6980 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8140 /prefetch:8
C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe
"C:\Users\Admin\AppData\Local\Bloxstrap\Bloxstrap.exe"
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-01a570a3cd0a46f2\RobloxPlayerBeta.exe
"C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-01a570a3cd0a46f2\RobloxPlayerBeta.exe" --app -channel production
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=8456 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x000000000000047C 0x00000000000004C0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9128 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6912 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,12160743086049197255,12458324992647482309,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2320 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2556 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5076 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5064 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5192 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3948 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5608 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4152 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6976 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3184 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5548 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=6196 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5012 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7632 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaService --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=7932 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6496 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7176 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7328 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8108 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6468 /prefetch:1
C:\Windows\System32\DataExchangeHost.exe
C:\Windows\System32\DataExchangeHost.exe -Embedding
C:\Users\Admin\Desktop\geometry dash auto speedhack.exe
"C:\Users\Admin\Desktop\geometry dash auto speedhack.exe"
C:\Users\Admin\Desktop\Bonzify.exe
"C:\Users\Admin\Desktop\Bonzify.exe"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\KillAgent.bat"
C:\Windows\SysWOW64\taskkill.exe
taskkill /f /im AgentSvr.exe
C:\Windows\SysWOW64\takeown.exe
takeown /r /d y /f C:\Windows\MsAgent
C:\Windows\SysWOW64\icacls.exe
icacls C:\Windows\MsAgent /c /t /grant "everyone":(f)
C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe
INSTALLER.exe /q
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentCtl.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentDPv.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\mslwvtts.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentDP2.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentMPx.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentSR.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentPsh.dll"
C:\Windows\msagent\AgentSvr.exe
"C:\Windows\msagent\AgentSvr.exe" /regserver
C:\Windows\SysWOW64\grpconv.exe
grpconv.exe -o
C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe
INSTALLER.exe /q
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s C:\Windows\lhsp\tv\tv_enua.dll
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s C:\Windows\lhsp\tv\tvenuax.dll
C:\Windows\SysWOW64\grpconv.exe
grpconv.exe -o
C:\Windows\msagent\AgentSvr.exe
C:\Windows\msagent\AgentSvr.exe -Embedding
C:\Users\Admin\Desktop\geometry dash auto speedhack.exe
"C:\Users\Admin\Desktop\geometry dash auto speedhack.exe" /watchdog
C:\Users\Admin\Desktop\geometry dash auto speedhack.exe
"C:\Users\Admin\Desktop\geometry dash auto speedhack.exe" /watchdog
C:\Users\Admin\Desktop\geometry dash auto speedhack.exe
"C:\Users\Admin\Desktop\geometry dash auto speedhack.exe" /watchdog
C:\Users\Admin\Desktop\geometry dash auto speedhack.exe
"C:\Users\Admin\Desktop\geometry dash auto speedhack.exe" /watchdog
C:\Users\Admin\Desktop\geometry dash auto speedhack.exe
"C:\Users\Admin\Desktop\geometry dash auto speedhack.exe" /watchdog
C:\Users\Admin\Desktop\geometry dash auto speedhack.exe
"C:\Users\Admin\Desktop\geometry dash auto speedhack.exe" /main
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe" \note.txt
C:\Windows\explorer.exe
explorer.exe
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe" -ServerName:CortanaUI.AppXstmwaab17q5s3y22tp6apqz7a45vwv65.mca
C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+remove+memz+trojan+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1308 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4436 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1236 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5376 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1860 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9308 /prefetch:1
C:\Windows\SysWOW64\Taskmgr.exe
"C:\Windows\System32\Taskmgr.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 180 -ip 180
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 180 -s 2560
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=my+computer+is+doing+weird+things+wtf+is+happenin+plz+halp
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x12c,0x130,0x134,0x108,0x138,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9516 /prefetch:1
C:\Windows\SysWOW64\explorer.exe
"C:\Windows\System32\explorer.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=facebook+hacking+tool+free+download+no+virus+working+2016
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10180 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=facebook+hacking+tool+free+download+no+virus+working+2016
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://answers.microsoft.com/en-us/protect/forum/protect_other-protect_scanning/memz-malwarevirus-trojan-completely-destroying/268bc1c2-39f4-42f8-90c2-597a673b6b45
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x12c,0x130,0x134,0xfc,0x138,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9184 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8748 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8212 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9692 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9200 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=is+illuminati+real
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9288 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8892 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7444 /prefetch:1
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 552 -p 3160 -ip 3160
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3160 -s 464
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=batch+virus+download
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8792 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6724 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9788 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=vinesauce+meme+collection
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xc0,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3544 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7932 /prefetch:1
C:\Windows\SysWOW64\explorer.exe
"C:\Windows\System32\explorer.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=g3t+r3kt
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2736 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2700 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8936 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9104 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=stanky+danky+maymays
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8624 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x124,0x128,0x12c,0x104,0x130,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6300 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9812 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+get+money
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9836 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9588 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=virus.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6164 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8780 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9664 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8460 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6136 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9244 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8448 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8068 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+remove+memz+trojan+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5936 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=virus.exe
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2516 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=facebook+hacking+tool+free+download+no+virus+working+2016
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8008 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=132 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8144 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=the+memz+are+real
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8396 /prefetch:1
C:\Windows\SysWOW64\control.exe
"C:\Windows\System32\control.exe"
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=what+happens+if+you+delete+system32
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0x100,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8116 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2644 /prefetch:1
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+code+a+virus+in+visual+basic
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9432 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9296 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+send+a+virus+to+my+friend
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8572 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7648 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1884,13992291861422209922,8090513043656583422,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=9928 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://softonic.com/
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1852,3681280626882984997,16784909347508677085,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1864 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1852,3681280626882984997,16784909347508677085,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 /prefetch:3
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1852,3681280626882984997,16784909347508677085,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2596 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,3681280626882984997,16784909347508677085,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3304 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,3681280626882984997,16784909347508677085,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,3681280626882984997,16784909347508677085,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1852,3681280626882984997,16784909347508677085,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3660 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1852,3681280626882984997,16784909347508677085,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3224 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,3681280626882984997,16784909347508677085,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5324 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,3681280626882984997,16784909347508677085,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,3681280626882984997,16784909347508677085,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,3681280626882984997,16784909347508677085,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,3681280626882984997,16784909347508677085,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4944 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1852,3681280626882984997,16784909347508677085,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5724 /prefetch:1
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 916 -ip 916
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 916 -s 456
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+send+a+virus+to+my+friend
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1908,1871964140690975895,4628029101552770976,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1920 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1908,1871964140690975895,4628029101552770976,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1908,1871964140690975895,4628029101552770976,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2776 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,1871964140690975895,4628029101552770976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,1871964140690975895,4628029101552770976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,1871964140690975895,4628029101552770976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4992 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,1871964140690975895,4628029101552770976,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5208 /prefetch:1
C:\Users\Admin\Desktop\Bonzify.exe
"C:\Users\Admin\Desktop\Bonzify.exe"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\KillAgent.bat"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\MSBuild.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\MSBuild.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\assembly\GAC_32\MSBuild\3.5.0.0__b03f5f7f11d50a3a\MSBuild.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\taskkill.exe
taskkill /f /im AgentSvr.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a\MSBuild.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2096 -ip 2096
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+remove+memz+trojan+virus
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb8f573cb8,0x7ffb8f573cc8,0x7ffb8f573cd8
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2096 -s 652
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a\MSBuild.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\assembly\GAC_64\MSBuild\3.5.0.0__b03f5f7f11d50a3a\MSBuild.exe" /grant "everyone":(f)
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1924,12832680419650974648,16237058070484055049,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1940 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1924,12832680419650974648,16237058070484055049,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1924,12832680419650974648,16237058070484055049,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2596 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,12832680419650974648,16237058070484055049,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3140 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,12832680419650974648,16237058070484055049,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3148 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /r /d y /f C:\Windows\MsAgent
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\assembly\GAC_MSIL\ComSvcConfig\3.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\icacls.exe
icacls C:\Windows\MsAgent /c /t /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe"
C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe
INSTALLER.exe /q
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\assembly\GAC_MSIL\dfsvc\2.0.0.0__b03f5f7f11d50a3a\dfsvc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentCtl.dll"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentDPv.dll"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\mslwvtts.dll"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentDP2.dll"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe" /grant "everyone":(f)
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,12832680419650974648,16237058070484055049,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4884 /prefetch:1
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentMPx.dll"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1924,12832680419650974648,16237058070484055049,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1.5 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentSR.dll"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s "C:\Windows\msagent\AgentPsh.dll"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe"
C:\Windows\msagent\AgentSvr.exe
"C:\Windows\msagent\AgentSvr.exe" /regserver
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\assembly\GAC_MSIL\SMSvcHost\3.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\assembly\GAC_MSIL\WsatConfig\3.0.0.0__b03f5f7f11d50a3a\WsatConfig.exe"
C:\Windows\SysWOW64\grpconv.exe
grpconv.exe -o
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\assembly\GAC_MSIL\WsatConfig\3.0.0.0__b03f5f7f11d50a3a\WsatConfig.exe"
C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe
INSTALLER.exe /q
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\assembly\GAC_MSIL\WsatConfig\3.0.0.0__b03f5f7f11d50a3a\WsatConfig.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s C:\Windows\lhsp\tv\tv_enua.dll
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\bfsvc.exe"
C:\Windows\SysWOW64\regsvr32.exe
regsvr32 /s C:\Windows\lhsp\tv\tvenuax.dll
C:\Windows\SysWOW64\grpconv.exe
grpconv.exe -o
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\bfsvc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\bfsvc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Boot\PCAT\memtest.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Boot\PCAT\memtest.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Boot\PCAT\memtest.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\BrowserCore\BrowserCore.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\BrowserCore\BrowserCore.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\BrowserCore\BrowserCore.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\explorer.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\explorer.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\explorer.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\HelpPane.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\HelpPane.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\HelpPane.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\hh.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\hh.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\hh.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\ImmersiveControlPanel\SystemSettings.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\ImmersiveControlPanel\SystemSettings.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\ImmersiveControlPanel\SystemSettings.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\acrobroker.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\acrobroker.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\acrobroker.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\AcroRd32.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\AcroRd32.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\AcroRd32.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\AcroRd32Info.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\AcroRd32Info.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\AcroRd32Info.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\acrotextextractor.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\acrotextextractor.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\acrotextextractor.exe" /grant "everyone":(f)
C:\Windows\msagent\AgentSvr.exe
C:\Windows\msagent\AgentSvr.exe -Embedding
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\adelrcp.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\adelrcp.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\adelrcp.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\AdobeCollabSync.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\AdobeCollabSync.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\AdobeCollabSync.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\eula.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\eula.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\eula.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\logtransport2.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\logtransport2.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\logtransport2.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\rdrservicesupdater.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\rdrservicesupdater.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\rdrservicesupdater.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\reader_sl.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\reader_sl.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\reader_sl.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\wow_helper.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\wow_helper.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\wow_helper.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\_4bitmapibroker.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\_4bitmapibroker.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744CAF070E41400\15.7.20033\_4bitmapibroker.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\assembly\GAC_32\MSBuild\v4.0_4.0.0.0__b03f5f7f11d50a3a\MSBuild.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\assembly\GAC_32\MSBuild\v4.0_4.0.0.0__b03f5f7f11d50a3a\MSBuild.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\assembly\GAC_32\MSBuild\v4.0_4.0.0.0__b03f5f7f11d50a3a\MSBuild.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\assembly\GAC_64\MSBuild\v4.0_4.0.0.0__b03f5f7f11d50a3a\MSBuild.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\assembly\GAC_64\MSBuild\v4.0_4.0.0.0__b03f5f7f11d50a3a\MSBuild.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\assembly\GAC_64\MSBuild\v4.0_4.0.0.0__b03f5f7f11d50a3a\MSBuild.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\assembly\GAC_MSIL\ComSvcConfig\v4.0_4.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\assembly\GAC_MSIL\ComSvcConfig\v4.0_4.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\assembly\GAC_MSIL\ComSvcConfig\v4.0_4.0.0.0__b03f5f7f11d50a3a\ComSvcConfig.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\assembly\GAC_MSIL\dfsvc\v4.0_4.0.0.0__b03f5f7f11d50a3a\dfsvc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\assembly\GAC_MSIL\dfsvc\v4.0_4.0.0.0__b03f5f7f11d50a3a\dfsvc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\assembly\GAC_MSIL\dfsvc\v4.0_4.0.0.0__b03f5f7f11d50a3a\dfsvc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Workflow.Compiler.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Workflow.Compiler.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Workflow.Compiler.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\assembly\GAC_MSIL\SMSvcHost\v4.0_4.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\assembly\GAC_MSIL\SMSvcHost\v4.0_4.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\assembly\GAC_MSIL\SMSvcHost\v4.0_4.0.0.0__b03f5f7f11d50a3a\SMSvcHost.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\assembly\GAC_MSIL\WsatConfig\v4.0_4.0.0.0__b03f5f7f11d50a3a\WsatConfig.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\assembly\GAC_MSIL\WsatConfig\v4.0_4.0.0.0__b03f5f7f11d50a3a\WsatConfig.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\assembly\GAC_MSIL\WsatConfig\v4.0_4.0.0.0__b03f5f7f11d50a3a\WsatConfig.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\NETFXSBS10.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\NETFXSBS10.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\NETFXSBS10.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\AppLaunch.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_compiler.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regbrowsers.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regiis.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\CasPol.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\IEExec.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\jsc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\MSBuild.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\ngen.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ComSvcConfig.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelReg.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMConfigInstaller.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMConfigInstaller.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMConfigInstaller.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\WsatConfig.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v3.0\WPF\XamlViewer\XamlViewer_v0300.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v3.0\WPF\XamlViewer\XamlViewer_v0300.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v3.0\WPF\XamlViewer\XamlViewer_v0300.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v3.5\AddInProcess.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v3.5\AddInProcess32.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v3.5\AddInUtil.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v3.5\csc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v3.5\csc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v3.5\csc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v3.5\DataSvcUtil.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v3.5\EdmGen.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v3.5\EdmGen.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v3.5\EdmGen.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v3.5\MSBuild.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v3.5\MSBuild.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v3.5\MSBuild.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v3.5\vbc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v3.5\vbc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v3.5\vbc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v3.5\WFServicesReg.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInProcess32.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInUtil.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInUtil.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AddInUtil.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_compiler.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regbrowsers.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regbrowsers.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regbrowsers.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regiis.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regsql.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regsql.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_regsql.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_wp.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_wp.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_wp.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\CasPol.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ComSvcConfig.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ComSvcConfig.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ComSvcConfig.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\control.exe
"C:\Windows\System32\control.exe"
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe" /grant "everyone":(f)
C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\DataSvcUtil.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\DataSvcUtil.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\DataSvcUtil.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe"
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\dfsvc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\EdmGen.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\EdmGen.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\EdmGen.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ilasm.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ilasm.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ilasm.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Workflow.Compiler.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Workflow.Compiler.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\Microsoft.Workflow.Compiler.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngentask.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngentask.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngentask.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelReg.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelReg.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelReg.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\vbc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework\v4.0.30319\WsatConfig.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework\v4.0.30319\WsatConfig.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework\v4.0.30319\WsatConfig.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\AppLaunch.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\AppLaunch.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\AppLaunch.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_compiler.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_compiler.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_compiler.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_regbrowsers.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_regbrowsers.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_regbrowsers.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_regiis.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_regiis.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_regiis.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_regsql.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_regsql.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_regsql.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_state.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_wp.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_wp.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_wp.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CasPol.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CasPol.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\CasPol.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\dfsvc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\dfsvc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\dfsvc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\dw20.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\dw20.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\dw20.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\IEExec.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\IEExec.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\IEExec.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ilasm.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ilasm.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ilasm.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\jsc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\jsc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\jsc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Ldr64.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Ldr64.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Ldr64.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\MSBuild.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\MSBuild.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\MSBuild.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ngen.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ngen.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ngen.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\RegAsm.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\RegAsm.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\RegAsm.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\RegSvcs.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\RegSvcs.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\RegSvcs.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\vbc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\vbc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\vbc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ComSvcConfig.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ComSvcConfig.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ComSvcConfig.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelReg.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelReg.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelReg.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMConfigInstaller.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMConfigInstaller.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMConfigInstaller.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\WsatConfig.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\WsatConfig.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\WsatConfig.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\XamlViewer\XamlViewer_v0300.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\XamlViewer\XamlViewer_v0300.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\XamlViewer\XamlViewer_v0300.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v3.5\AddInProcess.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v3.5\AddInProcess.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v3.5\AddInProcess.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v3.5\AddInProcess32.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v3.5\AddInProcess32.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v3.5\AddInProcess32.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v3.5\AddInUtil.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v3.5\AddInUtil.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v3.5\AddInUtil.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v3.5\csc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v3.5\csc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v3.5\csc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v3.5\DataSvcUtil.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v3.5\DataSvcUtil.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v3.5\DataSvcUtil.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v3.5\EdmGen.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v3.5\EdmGen.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v3.5\EdmGen.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v3.5\MSBuild.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v3.5\MSBuild.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v3.5\MSBuild.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v3.5\vbc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v3.5\vbc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v3.5\vbc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v3.5\WFServicesReg.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v3.5\WFServicesReg.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v3.5\WFServicesReg.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\AddInProcess.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\AddInProcess.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\AddInProcess.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\AddInProcess32.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\AddInProcess32.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\AddInProcess32.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\AddInUtil.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\AddInUtil.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\AddInUtil.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\AppLaunch.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\AppLaunch.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\AppLaunch.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_compiler.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_compiler.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_compiler.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regbrowsers.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regbrowsers.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regbrowsers.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regsql.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 548 -p 5132 -ip 5132
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5132 -s 1292
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regsql.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_regsql.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_wp.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_wp.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_wp.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\CasPol.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\CasPol.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\CasPol.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ComSvcConfig.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ComSvcConfig.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ComSvcConfig.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\DataSvcUtil.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\DataSvcUtil.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\DataSvcUtil.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\EdmGen.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\EdmGen.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\EdmGen.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ilasm.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ilasm.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ilasm.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\jsc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\jsc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\jsc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Workflow.Compiler.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Workflow.Compiler.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Microsoft.Workflow.Compiler.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentask.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentask.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentask.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegAsm.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegSvcs.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegSvcs.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\RegSvcs.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelReg.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelReg.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelReg.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\vbc.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\vbc.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\vbc.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WsatConfig.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WsatConfig.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WsatConfig.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\msagent\AgentSvr.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\msagent\AgentSvr.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\msagent\AgentSvr.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\notepad.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\notepad.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\notepad.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\PrintDialog\PrintDialog.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\PrintDialog\PrintDialog.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\PrintDialog\PrintDialog.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\regedit.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\regedit.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\regedit.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-lockapp.appxmain_31bf3856ad364e35_10.0.22000.348_none_e2c7a9ab59285812\f\LockApp.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-lockapp.appxmain_31bf3856ad364e35_10.0.22000.348_none_e2c7a9ab59285812\f\LockApp.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-lockapp.appxmain_31bf3856ad364e35_10.0.22000.348_none_e2c7a9ab59285812\f\LockApp.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-lpksetup_31bf3856ad364e35_10.0.22000.348_none_1cb0f82bf1aef3cc\f\lpksetup.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-lpksetup_31bf3856ad364e35_10.0.22000.348_none_1cb0f82bf1aef3cc\f\lpksetup.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-lpksetup_31bf3856ad364e35_10.0.22000.348_none_1cb0f82bf1aef3cc\f\lpksetup.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-lpksetup_31bf3856ad364e35_10.0.22000.348_none_1cb0f82bf1aef3cc\f\lpremove.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-lpksetup_31bf3856ad364e35_10.0.22000.348_none_1cb0f82bf1aef3cc\f\lpremove.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-lpksetup_31bf3856ad364e35_10.0.22000.348_none_1cb0f82bf1aef3cc\f\lpremove.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_10.0.22000.434_none_38ca096a17805fa9\f\lsass.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_10.0.22000.434_none_38ca096a17805fa9\f\lsass.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_10.0.22000.434_none_38ca096a17805fa9\f\lsass.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-m..ndation-frameserver_31bf3856ad364e35_10.0.22000.469_none_b104ba5249e06dec\f\FsIso.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-m..ndation-frameserver_31bf3856ad364e35_10.0.22000.469_none_b104ba5249e06dec\f\FsIso.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-m..ndation-frameserver_31bf3856ad364e35_10.0.22000.469_none_b104ba5249e06dec\f\FsIso.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-m..nt-browser.appxmain_31bf3856ad364e35_10.0.22000.120_none_f759261c81fa2ed8\f\SecureAssessmentBrowser.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-m..nt-browser.appxmain_31bf3856ad364e35_10.0.22000.120_none_f759261c81fa2ed8\f\SecureAssessmentBrowser.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-m..nt-browser.appxmain_31bf3856ad364e35_10.0.22000.120_none_f759261c81fa2ed8\f\SecureAssessmentBrowser.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-m..pickerhost.appxmain_31bf3856ad364e35_10.0.22000.282_none_08c227a0c7c9c4c1\f\ModalSharePickerHost.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-m..pickerhost.appxmain_31bf3856ad364e35_10.0.22000.282_none_08c227a0c7c9c4c1\f\ModalSharePickerHost.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-m..pickerhost.appxmain_31bf3856ad364e35_10.0.22000.282_none_08c227a0c7c9c4c1\f\ModalSharePickerHost.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-magnify_31bf3856ad364e35_10.0.22000.41_none_506d5972b4817c83\f\Magnify.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-magnify_31bf3856ad364e35_10.0.22000.41_none_506d5972b4817c83\f\Magnify.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-magnify_31bf3856ad364e35_10.0.22000.41_none_506d5972b4817c83\f\Magnify.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mapi_31bf3856ad364e35_10.0.22000.120_none_a6b2722d9eed2eed\f\fixmapi.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mapi_31bf3856ad364e35_10.0.22000.120_none_a6b2722d9eed2eed\f\fixmapi.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mapi_31bf3856ad364e35_10.0.22000.120_none_a6b2722d9eed2eed\f\fixmapi.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mdmagent_31bf3856ad364e35_10.0.22000.469_none_403fa699a3654657\f\MDMAgent.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mdmagent_31bf3856ad364e35_10.0.22000.469_none_403fa699a3654657\f\MDMAgent.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mdmagent_31bf3856ad364e35_10.0.22000.469_none_403fa699a3654657\f\MDMAgent.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mediafoundation_31bf3856ad364e35_10.0.22000.120_none_97c4601a91ef2a4b\f\mfpmp.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mediafoundation_31bf3856ad364e35_10.0.22000.120_none_97c4601a91ef2a4b\f\mfpmp.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mediafoundation_31bf3856ad364e35_10.0.22000.120_none_97c4601a91ef2a4b\f\mfpmp.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_10.0.22000.282_none_069016efd47610d8\f\wmpconfig.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_10.0.22000.282_none_069016efd47610d8\f\wmpconfig.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_10.0.22000.282_none_069016efd47610d8\f\wmpconfig.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_10.0.22000.282_none_069016efd47610d8\f\wmplayer.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_10.0.22000.282_none_069016efd47610d8\f\wmplayer.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_10.0.22000.282_none_069016efd47610d8\f\wmplayer.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_10.0.22000.282_none_069016efd47610d8\f\wmpshare.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_10.0.22000.282_none_069016efd47610d8\f\wmpshare.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_10.0.22000.282_none_069016efd47610d8\f\wmpshare.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-migrationengine_31bf3856ad364e35_10.0.22000.348_none_53ff6ed560767984\f\mighost.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-migrationengine_31bf3856ad364e35_10.0.22000.348_none_53ff6ed560767984\f\mighost.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-migrationengine_31bf3856ad364e35_10.0.22000.348_none_53ff6ed560767984\f\mighost.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-msconfig-exe_31bf3856ad364e35_10.0.22000.71_none_bcb9c63bb991a4c6\f\msconfig.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-msconfig-exe_31bf3856ad364e35_10.0.22000.71_none_bcb9c63bb991a4c6\f\msconfig.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-msconfig-exe_31bf3856ad364e35_10.0.22000.71_none_bcb9c63bb991a4c6\f\msconfig.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-msinfo32-exe-common_31bf3856ad364e35_10.0.22000.71_none_688486d306b27285\f\msinfo32.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-msinfo32-exe-common_31bf3856ad364e35_10.0.22000.71_none_688486d306b27285\f\msinfo32.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-msinfo32-exe-common_31bf3856ad364e35_10.0.22000.71_none_688486d306b27285\f\msinfo32.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-msinfo32-exe_31bf3856ad364e35_10.0.22000.71_none_8e1bee8f157fdd6d\f\msinfo32.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-msinfo32-exe_31bf3856ad364e35_10.0.22000.71_none_8e1bee8f157fdd6d\f\msinfo32.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-msinfo32-exe_31bf3856ad364e35_10.0.22000.71_none_8e1bee8f157fdd6d\f\msinfo32.exe" /grant "everyone":(f)
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\TakeOwn.bat "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mspaint_31bf3856ad364e35_10.0.22000.41_none_705d08ab0a6355da\f\mspaint.exe"
C:\Windows\SysWOW64\takeown.exe
takeown /f "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mspaint_31bf3856ad364e35_10.0.22000.41_none_705d08ab0a6355da\f\mspaint.exe"
C:\Windows\SysWOW64\icacls.exe
icacls "C:\Windows\servicing\LCU\Package_for_RollupFix~31bf3856ad364e35~amd64~~22000.493.1.3\amd64_microsoft-windows-mspaint_31bf3856ad364e35_10.0.22000.41_none_705d08ab0a6355da\f\mspaint.exe" /grant "everyone":(f)
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.google.com | udp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.179.250.142.in-addr.arpa | udp |
| GB | 2.18.66.162:443 | tcp | |
| GB | 2.18.66.162:443 | tcp | |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| DE | 2.16.101.88:443 | www.bing.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| DE | 2.16.101.88:443 | www.bing.com | tcp |
| DE | 2.16.100.49:443 | www.bing.com | tcp |
| DE | 2.16.100.49:443 | www.bing.com | tcp |
| BE | 23.41.178.128:443 | th.bing.com | tcp |
| BE | 23.41.178.128:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 128.178.41.23.in-addr.arpa | udp |
| US | 13.107.21.200:443 | bing.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| GB | 128.116.119.4:80 | www.roblox.com | tcp |
| GB | 128.116.119.4:80 | www.roblox.com | tcp |
| GB | 128.116.119.4:443 | www.roblox.com | tcp |
| GB | 128.116.119.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | 4.119.116.128.in-addr.arpa | udp |
| PL | 77.73.129.44:443 | solaraexecutor.app | tcp |
| PL | 77.73.129.44:443 | solaraexecutor.app | tcp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 104.21.79.23:443 | solaraexec.cc | tcp |
| GB | 2.18.190.80:443 | css.rbxcdn.com | tcp |
| GB | 2.18.190.80:443 | css.rbxcdn.com | tcp |
| GB | 2.18.190.80:443 | css.rbxcdn.com | tcp |
| US | 104.17.247.203:443 | unpkg.com | tcp |
| US | 8.8.8.8:53 | 23.79.21.104.in-addr.arpa | udp |
| GB | 2.18.190.78:443 | static.rbxcdn.com | tcp |
| GB | 18.245.253.65:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.65:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.65:443 | js.rbxcdn.com | tcp |
| US | 104.17.247.203:443 | unpkg.com | tcp |
| GB | 18.245.253.65:443 | js.rbxcdn.com | tcp |
| US | 104.17.247.203:443 | unpkg.com | tcp |
| US | 8.8.8.8:53 | 78.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.253.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 107.39.156.108.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | tcp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | tcp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | tcp |
| GB | 18.244.155.96:443 | roblox-api.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | 96.155.244.18.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | auth.roblox.com | udp |
| GB | 2.18.190.80:443 | css.rbxcdn.com | tcp |
| GB | 128.116.119.4:443 | auth.roblox.com | udp |
| GB | 128.116.119.4:443 | auth.roblox.com | udp |
| GB | 2.18.190.75:443 | images.rbxcdn.com | tcp |
| GB | 2.18.190.75:443 | images.rbxcdn.com | tcp |
| GB | 2.18.190.75:443 | images.rbxcdn.com | tcp |
| GB | 2.18.190.75:443 | images.rbxcdn.com | tcp |
| GB | 2.18.190.75:443 | images.rbxcdn.com | tcp |
| GB | 2.18.190.75:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 75.190.18.2.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | 42.36.251.142.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | 3.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| BE | 23.219.240.231:443 | www.microsoft.com | tcp |
| BE | 23.219.240.231:443 | www.microsoft.com | tcp |
| AU | 20.70.246.20:443 | xbox.com | tcp |
| AU | 20.70.246.20:443 | xbox.com | tcp |
| US | 8.8.8.8:53 | assetgame.roblox.com | udp |
| GB | 128.116.119.4:443 | ncs.roblox.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.111.133:443 | objects.githubusercontent.com | tcp |
| US | 185.199.111.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | ncs.roblox.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| BE | 23.41.178.122:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 122.178.41.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 185.199.110.133:443 | user-images.githubusercontent.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| GB | 2.18.190.81:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| GB | 18.165.242.74:443 | clientsettingscdn.roblox.com | tcp |
| US | 8.8.8.8:53 | 81.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| BE | 23.41.178.67:443 | r.bing.com | tcp |
| US | 8.8.8.8:53 | 67.178.41.23.in-addr.arpa | udp |
| US | 104.21.66.13:443 | kiwix.dev | tcp |
| US | 104.21.66.13:443 | kiwix.dev | tcp |
| US | 8.8.8.8:53 | 13.66.21.104.in-addr.arpa | udp |
| US | 67.199.248.11:443 | bit.ly | tcp |
| US | 67.199.248.11:443 | bit.ly | tcp |
| US | 172.67.149.138:443 | filesilo.cloud | tcp |
| US | 8.8.8.8:53 | stackpath.bootstrapcdn.com | udp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 151.101.194.137:443 | code.jquery.com | tcp |
| US | 104.18.10.207:443 | stackpath.bootstrapcdn.com | tcp |
| US | 8.8.8.8:53 | 11.248.199.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 138.149.67.172.in-addr.arpa | udp |
| IE | 63.32.42.62:443 | save.enabledstats.com | tcp |
| US | 8.8.8.8:53 | 137.194.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 207.10.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.42.32.63.in-addr.arpa | udp |
| SE | 194.54.164.123:80 | glovedinosaurs.website | tcp |
| SE | 194.54.164.123:80 | glovedinosaurs.website | tcp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| NL | 172.217.23.206:443 | google.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| NL | 172.217.23.206:443 | google.com | udp |
| DE | 51.195.68.163:443 | www.win-rar.com | tcp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| DE | 2.16.100.51:443 | www.bing.com | tcp |
| GB | 2.18.66.162:443 | tcp | |
| US | 8.8.8.8:53 | browser.pipe.aria.microsoft.com | udp |
| US | 52.168.117.170:443 | browser.pipe.aria.microsoft.com | tcp |
| US | 8.8.8.8:53 | 75.159.190.20.in-addr.arpa | udp |
| GB | 2.18.190.72:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| GB | 18.165.242.53:443 | clientsettingscdn.roblox.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 72.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.242.165.18.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 2.18.190.72:443 | setup.rbxcdn.com | tcp |
| GB | 18.165.242.53:443 | clientsettingscdn.roblox.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| BE | 23.41.178.105:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 105.178.41.23.in-addr.arpa | udp |
| US | 52.167.30.171:443 | fpt2.microsoft.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 140.82.113.22:443 | collector.github.com | tcp |
| BE | 23.41.178.114:443 | r.bing.com | tcp |
| US | 13.107.21.200:443 | bing.com | tcp |
| US | 8.8.8.8:53 | 114.178.41.23.in-addr.arpa | udp |
| US | 104.18.239.210:443 | www.crazygames.com | tcp |
| US | 104.18.239.210:443 | www.crazygames.com | tcp |
| US | 8.8.8.8:53 | images.crazygames.com | udp |
| US | 8.8.8.8:53 | workers.crazygames.com | udp |
| US | 8.8.8.8:53 | builds.crazygames.com | udp |
| US | 151.101.130.208:443 | images.crazygames.com | tcp |
| US | 151.101.130.208:443 | images.crazygames.com | tcp |
| US | 151.101.130.208:443 | images.crazygames.com | tcp |
| US | 151.101.130.208:443 | images.crazygames.com | tcp |
| US | 104.18.239.210:443 | model.crazygames.com | tcp |
| US | 151.101.130.208:443 | images.crazygames.com | tcp |
| US | 151.101.130.208:443 | images.crazygames.com | tcp |
| US | 192.124.249.36:80 | certificates.starfieldtech.com | tcp |
| US | 8.8.8.8:53 | 36.249.124.192.in-addr.arpa | udp |
| GB | 108.156.39.76:443 | rumcdn.geoedge.be | tcp |
| GB | 18.244.179.121:443 | cdn.privacy-mgmt.com | tcp |
| GB | 18.244.179.121:443 | cdn.privacy-mgmt.com | tcp |
| US | 8.8.8.8:53 | 121.179.244.18.in-addr.arpa | udp |
| BE | 23.41.178.105:443 | th.bing.com | tcp |
| BE | 23.41.178.105:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | totaladblock.com | udp |
| US | 34.160.40.40:443 | totaladblock.com | tcp |
| US | 34.160.40.40:443 | totaladblock.com | tcp |
| US | 8.8.8.8:53 | www.totaladblock.com | udp |
| US | 8.8.8.8:53 | 40.40.160.34.in-addr.arpa | udp |
| US | 34.160.40.40:443 | www.totaladblock.com | udp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | trc.taboola.com | udp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| NL | 142.250.102.84:443 | accounts.google.com | tcp |
| NL | 142.250.102.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| US | 8.8.8.8:53 | 168.179.250.142.in-addr.arpa | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | analytics.crazygames.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 151.101.193.44:443 | trc.taboola.com | tcp |
| US | 8.8.8.8:53 | 98.39.251.142.in-addr.arpa | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| NL | 142.250.102.156:443 | stats.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 36.32.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.102.250.142.in-addr.arpa | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | tcp |
| NL | 172.217.168.195:443 | www.google.co.uk | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | t-ring-s2.msedge.net | udp |
| GB | 2.18.66.162:443 | tcp | |
| US | 13.107.213.254:443 | t-ring-s2.msedge.net | tcp |
| US | 8.8.8.8:53 | 254.213.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cxcs.microsoft.net | udp |
| BE | 23.41.178.57:443 | www.bing.com | tcp |
| BE | 104.68.66.114:443 | cxcs.microsoft.net | tcp |
| US | 8.8.8.8:53 | 57.178.41.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 114.66.68.104.in-addr.arpa | udp |
| US | 13.107.213.254:443 | t-ring-s2.msedge.net | tcp |
| GB | 2.18.66.162:443 | tcp | |
| US | 8.8.8.8:53 | teams-ring.msedge.net | udp |
| GB | 2.18.66.162:443 | tcp | |
| US | 8.8.8.8:53 | ow1.res.office365.com | udp |
| US | 52.113.196.254:443 | teams-ring.msedge.net | tcp |
| BE | 2.17.197.81:443 | ow1.res.office365.com | tcp |
| US | 8.8.8.8:53 | 254.196.113.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.197.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cxcs.microsoft.net | udp |
| BE | 104.68.66.114:443 | cxcs.microsoft.net | tcp |
| BE | 23.41.178.106:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 106.178.41.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| GB | 2.18.190.72:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| BE | 104.68.69.233:443 | clientsettingscdn.roblox.com | tcp |
| US | 8.8.8.8:53 | 233.69.68.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | api.crazygames.com | udp |
| GB | 2.22.228.81:443 | www.bing.com | tcp |
| GB | 2.22.228.81:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 81.228.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | aefd.nelreports.net | udp |
| GB | 2.18.190.140:443 | aefd.nelreports.net | udp |
| GB | 2.18.190.140:443 | aefd.nelreports.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| NL | 172.217.168.195:443 | www.google.co.uk | udp |
| GB | 88.221.87.168:443 | www.bing.com | tcp |
| GB | 88.221.87.168:443 | www.bing.com | tcp |
| GB | 2.18.190.140:443 | aefd.nelreports.net | udp |
| GB | 88.221.87.168:443 | www.bing.com | tcp |
| GB | 2.18.190.140:443 | aefd.nelreports.net | tcp |
| US | 8.8.8.8:53 | 168.87.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 88.221.87.169:443 | r.bing.com | tcp |
| GB | 88.221.87.169:443 | r.bing.com | tcp |
| GB | 2.22.228.106:443 | th.bing.com | tcp |
| GB | 2.22.228.106:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 106.228.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.110.133:443 | raw.githubusercontent.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 140.82.113.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 88.221.87.169:443 | r.bing.com | tcp |
| GB | 2.22.228.106:443 | th.bing.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 2.22.228.138:443 | th.bing.com | tcp |
| US | 204.79.197.201:443 | testfamilysafety.bing.com | tcp |
| US | 8.8.8.8:53 | 201.197.79.204.in-addr.arpa | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 2.22.228.138:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | www.skidrowreloaded.com | udp |
| US | 104.26.8.45:443 | www.skidrowreloaded.com | tcp |
| US | 104.26.8.45:443 | www.skidrowreloaded.com | tcp |
| US | 8.8.8.8:53 | xbuycgcae.com | udp |
| US | 8.8.8.8:53 | ktpcsqnij.com | udp |
| US | 104.21.91.188:443 | youradexchange.com | tcp |
| US | 104.21.92.134:443 | ktpcsqnij.com | tcp |
| US | 192.0.77.48:443 | s.w.org | tcp |
| US | 104.21.8.108:443 | pubtrky.com | tcp |
| DE | 168.119.149.123:443 | avd-1.genuinesystemtraffic.com | tcp |
| DE | 168.119.149.123:443 | avd-1.genuinesystemtraffic.com | tcp |
| US | 172.67.195.215:443 | targetchain-flow.com | tcp |
| US | 104.17.166.186:443 | c.adsco.re | tcp |
| US | 104.17.166.186:443 | c.adsco.re | tcp |
| US | 8.8.8.8:53 | 6.adsco.re | udp |
| US | 162.252.214.5:443 | adsco.re | tcp |
| US | 162.252.214.5:2087 | adsco.re | tcp |
| US | 162.252.214.5:443 | adsco.re | tcp |
| US | 104.17.167.186:443 | 6.adsco.re | tcp |
| US | 104.17.167.186:2087 | 6.adsco.re | tcp |
| GB | 185.200.118.51:443 | ilwifx3x8v8m.l4.adsco.re | tcp |
| US | 38.132.109.186:3478 | udp | |
| SG | 185.200.116.90:3478 | udp | |
| GB | 185.200.118.90:3478 | udp | |
| US | 38.132.109.115:443 | ilwifx3x8v8m.n4.adsco.re | tcp |
| US | 38.132.109.115:443 | ilwifx3x8v8m.n4.adsco.re | tcp |
| SG | 185.200.116.51:443 | ilwifx3x8v8m.s4.adsco.re | tcp |
| US | 162.252.214.5:443 | adsco.re | tcp |
| SG | 185.200.116.51:443 | ilwifx3x8v8m.s4.adsco.re | tcp |
| US | 8.8.8.8:53 | 23.149.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.109.132.38.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.116.200.185.in-addr.arpa | udp |
| US | 104.18.239.210:443 | workers.crazygames.com | tcp |
| US | 104.18.239.210:443 | workers.crazygames.com | tcp |
| US | 104.17.240.158:443 | workers.crazygames.com | tcp |
| US | 151.101.194.208:443 | images.crazygames.com | tcp |
| US | 8.8.8.8:53 | 208.194.101.151.in-addr.arpa | udp |
| GB | 18.172.89.123:443 | rumcdn.geoedge.be | tcp |
| US | 104.18.239.210:443 | model.crazygames.com | tcp |
| US | 8.8.8.8:53 | cdn.privacy-mgmt.com | udp |
| US | 104.18.239.210:443 | model.crazygames.com | tcp |
| US | 104.18.239.210:443 | model.crazygames.com | tcp |
| US | 104.18.239.210:443 | model.crazygames.com | tcp |
| US | 8.8.8.8:53 | 123.89.172.18.in-addr.arpa | udp |
| GB | 18.165.160.7:443 | cdn.privacy-mgmt.com | tcp |
| US | 8.8.8.8:53 | trc.taboola.com | udp |
| US | 151.101.193.44:443 | trc.taboola.com | tcp |
| US | 8.8.8.8:53 | accounts.google.com | udp |
| US | 8.8.8.8:53 | analytics.crazygames.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| NL | 142.250.102.84:443 | accounts.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | udp |
| US | 216.239.32.36:443 | region1.analytics.google.com | tcp |
| NL | 172.217.168.195:443 | www.google.co.uk | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | tcp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| NL | 142.250.102.84:443 | accounts.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 104.18.10.136:443 | user-agent.trafficdecisions.com | tcp |
| US | 104.18.10.136:443 | user-agent.trafficdecisions.com | tcp |
| US | 104.18.15.14:443 | go.c0nect.com | tcp |
| US | 64.225.91.73:80 | zioncentral.org | tcp |
| US | 64.225.91.73:80 | zioncentral.org | tcp |
| US | 104.18.26.45:443 | domaincntrol.com | tcp |
| DE | 64.190.63.136:80 | ww2.zioncentral.org | tcp |
| DE | 64.190.63.136:80 | ww2.zioncentral.org | tcp |
| US | 8.8.8.8:53 | 136.63.190.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 45.26.18.104.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| NO | 2.20.161.47:443 | cxcs.microsoft.net | tcp |
| US | 8.8.8.8:53 | 47.161.20.2.in-addr.arpa | udp |
| NL | 2.16.106.200:443 | www.bing.com | tcp |
| NL | 2.16.106.200:443 | www.bing.com | tcp |
| NL | 2.16.106.200:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 200.106.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | pafvertizing.crazygames.com | udp |
| US | 104.17.240.158:443 | pafvertizing.crazygames.com | tcp |
| US | 8.8.8.8:53 | rafvertizing.crazygames.com | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | region1.analytics.google.com | udp |
| NL | 172.217.168.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | google.com | udp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.google.co.uk | udp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| NL | 172.217.23.206:443 | google.com | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | udp |
| NL | 172.217.23.206:443 | google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 162.179.250.142.in-addr.arpa | udp |
| NL | 142.250.179.162:443 | securepubads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | files.crazygames.com | udp |
| US | 8.8.8.8:53 | imasdk.googleapis.com | udp |
| NL | 172.217.23.202:443 | imasdk.googleapis.com | tcp |
| US | 8.8.8.8:53 | hbopenbid.pubmatic.com | udp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| GB | 13.224.84.18:443 | c.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| US | 8.8.8.8:53 | btlr.sharethrough.com | udp |
| US | 8.8.8.8:53 | htlb.casalemedia.com | udp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| NL | 185.89.211.116:443 | ib.adnxs.com | tcp |
| NL | 185.89.211.116:443 | ib.adnxs.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | tcp |
| DE | 18.64.79.8:443 | hb.yellowblue.io | tcp |
| DE | 18.199.162.64:443 | btlr.sharethrough.com | tcp |
| DE | 18.199.162.64:443 | btlr.sharethrough.com | tcp |
| DE | 18.199.162.64:443 | btlr.sharethrough.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 202.23.217.172.in-addr.arpa | udp |
| US | 172.240.45.73:443 | gov.aniview.com | tcp |
| US | 8.8.8.8:53 | config.aps.amazon-adsystem.com | udp |
| US | 8.8.8.8:53 | 18.84.224.13.in-addr.arpa | udp |
| GB | 2.18.190.81:80 | apps.identrust.com | tcp |
| US | 8.8.8.8:53 | 101.151.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.211.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 174.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 139.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 64.162.199.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.79.64.18.in-addr.arpa | udp |
| DE | 18.64.119.108:443 | config.aps.amazon-adsystem.com | tcp |
| DE | 18.64.95.121:443 | aax.amazon-adsystem.com | tcp |
| DE | 18.64.95.121:443 | aax.amazon-adsystem.com | tcp |
| NL | 142.250.179.174:443 | fundingchoicesmessages.google.com | udp |
| NO | 2.20.166.89:443 | secure.cdn.fastclick.net | tcp |
| NO | 2.20.166.89:443 | secure.cdn.fastclick.net | tcp |
| US | 172.67.38.106:443 | cdn.id5-sync.com | tcp |
| US | 34.96.70.87:443 | invstatic101.creativecdn.com | tcp |
| US | 34.102.146.192:443 | oa.openxcdn.net | tcp |
| GB | 13.224.81.88:443 | tags.crwdcntrl.net | tcp |
| NL | 178.250.1.3:443 | static.criteo.net | tcp |
| US | 35.190.39.111:443 | esp.rtbhouse.com | tcp |
| US | 34.120.135.53:443 | oajs.openx.net | tcp |
| IE | 34.252.81.219:443 | bcp.crwdcntrl.net | tcp |
| NL | 172.217.23.202:443 | imasdk.googleapis.com | udp |
| NL | 142.251.36.6:443 | s0.2mdn.net | tcp |
| US | 8.8.8.8:53 | 150.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.45.240.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.38.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 108.119.64.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 89.166.20.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 87.70.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 192.146.102.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.81.224.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 111.39.190.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 53.135.120.34.in-addr.arpa | udp |
| NL | 142.250.179.193:443 | ed20a114b270f0004571886501fdc14b.safeframe.googlesyndication.com | tcp |
| NL | 63.215.202.178:443 | proc.ad.cpe.dotomi.com | tcp |
| US | 34.120.135.53:443 | oajs.openx.net | udp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| US | 35.244.159.8:443 | google-bidout-d.openx.net | tcp |
| IE | 67.220.228.202:443 | aax-eu.amazon-adsystem.com | tcp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.251.36.6:443 | s0.2mdn.net | udp |
| US | 143.244.180.136:443 | bloxd.io | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| US | 143.244.180.136:443 | bloxd.io | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| US | 172.67.71.133:443 | bloxdcdn.bloxdhop.io | tcp |
| DE | 157.240.27.27:443 | connect.facebook.net | tcp |
| US | 8.8.8.8:53 | 27.27.240.157.in-addr.arpa | udp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| US | 8.8.8.8:53 | image8.pubmatic.com | udp |
| US | 8.8.8.8:53 | match.adsrvr.org | udp |
| US | 8.8.8.8:53 | sync.1rx.io | udp |
| US | 8.8.8.8:53 | cm.g.doubleclick.net | udp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| NL | 172.217.168.226:443 | cm.g.doubleclick.net | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 151.101.130.49:443 | sync-tm.everesttech.net | tcp |
| IE | 52.215.251.212:443 | ad.360yield.com | tcp |
| NL | 69.173.156.131:443 | beacon-ams3.rubiconproject.com | tcp |
| NL | 69.173.156.131:443 | beacon-ams3.rubiconproject.com | tcp |
| US | 35.244.159.8:443 | u.openx.net | udp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | 214.191.64.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.174.228.46.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 49.130.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.1.250.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 212.251.215.52.in-addr.arpa | udp |
| NL | 142.250.179.162:443 | googleads4.g.doubleclick.net | tcp |
| NL | 172.217.168.226:443 | cm.g.doubleclick.net | udp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| NL | 142.251.39.99:443 | p4-d2pvvupfril4g-na4mur7flkdk6pzh-if-v6exp3-v4.metric.gstatic.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| NL | 142.251.39.99:443 | p4-d2pvvupfril4g-na4mur7flkdk6pzh-if-v6exp3-v4.metric.gstatic.com | tcp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| DE | 18.66.2.64:443 | gw.geoedge.be | tcp |
| DE | 18.66.2.64:443 | gw.geoedge.be | tcp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| NL | 23.200.189.62:443 | eus.rubiconproject.com | tcp |
| NL | 216.58.208.106:443 | ajax.googleapis.com | tcp |
| NL | 216.58.208.106:443 | ajax.googleapis.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| DE | 18.64.79.83:443 | rumcdn.geoedge.be | tcp |
| US | 172.67.71.133:443 | bloxdcdn.bloxdhop.io | tcp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | 149.156.173.69.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.79.64.18.in-addr.arpa | udp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| US | 8.8.8.8:53 | 41.95.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| DE | 157.240.27.35:443 | www.facebook.com | tcp |
| NL | 142.251.39.99:443 | p4-d2pvvupfril4g-na4mur7flkdk6pzh-if-v6exp3-v4.metric.gstatic.com | udp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | udp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | tcp |
| NL | 172.217.168.202:443 | firebase.googleapis.com | tcp |
| NL | 172.217.168.202:443 | firebase.googleapis.com | udp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| DE | 18.199.162.64:443 | btlr.sharethrough.com | tcp |
| NL | 185.89.211.116:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | ade.googlesyndication.com | udp |
| US | 8.8.8.8:53 | 202.168.217.172.in-addr.arpa | udp |
| NL | 172.217.23.194:443 | ade.googlesyndication.com | tcp |
| NL | 172.217.23.194:443 | ade.googlesyndication.com | tcp |
| DE | 18.199.162.64:443 | btlr.sharethrough.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 64.23.224.165:443 | static3.bloxd.io | tcp |
| US | 8.8.8.8:53 | 194.23.217.172.in-addr.arpa | udp |
| NL | 142.250.179.162:443 | googleads4.g.doubleclick.net | udp |
| NL | 142.250.179.162:443 | googleads4.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 165.224.23.64.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.168.217.172.in-addr.arpa | udp |
| DE | 18.199.162.64:443 | btlr.sharethrough.com | tcp |
| NL | 172.217.23.194:443 | ade.googlesyndication.com | udp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 8.8.8.8:53 | stats.g.doubleclick.net | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | udp |
| NL | 142.250.102.156:443 | stats.g.doubleclick.net | udp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 172.217.168.195:443 | www.google.co.uk | tcp |
| NL | 142.251.36.18:443 | p4-d2pvvupfril4g-na4mur7flkdk6pzh-238934-i1-v6exp3.ds.metric.gstatic.com | tcp |
| NL | 69.173.156.131:443 | beacon-ams3.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | 43066004379497f89f73d6d747eb5848.safeframe.googlesyndication.com | udp |
| US | 8.8.8.8:53 | a692.casalemedia.com | udp |
| NL | 172.217.168.226:443 | cm.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | cs.lkqd.net | udp |
| CA | 85.91.47.63:443 | a692.casalemedia.com | tcp |
| NL | 142.251.36.18:443 | p4-d2pvvupfril4g-na4mur7flkdk6pzh-238934-i1-v6exp3.ds.metric.gstatic.com | tcp |
| GB | 2.18.190.147:443 | cdn.doubleverify.com | tcp |
| GB | 2.18.190.147:443 | cdn.doubleverify.com | tcp |
| NL | 142.250.179.193:443 | 43066004379497f89f73d6d747eb5848.safeframe.googlesyndication.com | tcp |
| NL | 142.250.179.178:443 | p4-d2pvvupfril4g-na4mur7flkdk6pzh-238934-i2-v6exp3.v4.metric.gstatic.com | tcp |
| US | 8.8.8.8:53 | 18.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.190.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 178.179.250.142.in-addr.arpa | udp |
| NL | 172.217.168.226:443 | cm.g.doubleclick.net | udp |
| NL | 172.217.168.226:443 | cm.g.doubleclick.net | udp |
| NL | 142.251.36.6:443 | s0.2mdn.net | udp |
| US | 172.64.145.251:443 | impssl.constantcontact.com | tcp |
| DE | 18.66.2.64:443 | gw.geoedge.be | tcp |
| US | 172.64.151.101:443 | dsum-sec.casalemedia.com | tcp |
| US | 172.64.151.101:443 | dsum-sec.casalemedia.com | tcp |
| NL | 185.89.211.116:443 | ib.adnxs.com | tcp |
| US | 8.8.8.8:53 | ads.stickyadstv.com | udp |
| NL | 154.57.158.115:443 | ads.stickyadstv.com | tcp |
| US | 35.244.159.8:443 | us-u.openx.net | tcp |
| US | 35.244.159.8:443 | us-u.openx.net | tcp |
| NL | 154.57.158.115:443 | ads.stickyadstv.com | tcp |
| NL | 23.53.245.94:443 | sync.teads.tv | tcp |
| NL | 185.89.211.116:443 | ib.adnxs.com | tcp |
| US | 143.244.180.136:443 | bloxd.io | tcp |
| NL | 23.53.245.94:443 | sync.teads.tv | tcp |
| NL | 154.57.158.115:443 | ads.stickyadstv.com | tcp |
| US | 143.244.180.136:443 | bloxd.io | tcp |
| GB | 2.18.190.147:443 | cdn.doubleverify.com | tcp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| US | 143.244.180.136:443 | bloxd.io | tcp |
| US | 8.8.8.8:53 | rtb0.doubleverify.com | udp |
| US | 8.8.8.8:53 | 115.158.57.154.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 134.179.250.142.in-addr.arpa | udp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 172.67.71.133:443 | bloxdcdn.bloxdhop.io | tcp |
| US | 8.8.8.8:53 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | eus.rubiconproject.com | udp |
| US | 8.8.8.8:53 | 5.44.211.130.in-addr.arpa | udp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| DE | 18.199.162.64:443 | btlr.sharethrough.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| DE | 18.64.79.8:443 | hb.yellowblue.io | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| US | 172.240.45.73:443 | gov.aniview.com | tcp |
| US | 104.17.240.158:443 | sdk.crazygames.com | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| IE | 54.194.254.146:443 | id.crwdcntrl.net | tcp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| US | 8.8.8.8:53 | 146.254.194.54.in-addr.arpa | udp |
| DE | 157.240.27.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | matchmaking.bloxd.io | udp |
| US | 164.92.122.81:443 | matchmaking.bloxd.io | tcp |
| US | 8.8.8.8:53 | 81.122.92.164.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.gameanalytics.com | udp |
| US | 52.204.227.150:443 | api.gameanalytics.com | tcp |
| US | 172.67.71.133:443 | bloxdcdn.bloxdhop.io | tcp |
| US | 104.17.240.158:443 | sdk.crazygames.com | tcp |
| US | 146.190.39.167:443 | gs-oneblock-8r1vuyttg6ckygzbl7ssy.doodlecube.io | tcp |
| US | 146.190.39.167:443 | gs-oneblock-8r1vuyttg6ckygzbl7ssy.doodlecube.io | tcp |
| NL | 185.89.211.116:443 | ib.adnxs.com | tcp |
| US | 172.64.151.101:443 | dsum-sec.casalemedia.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| US | 8.8.8.8:53 | hb.yellowblue.io | udp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | aax.amazon-adsystem.com | udp |
| DE | 18.64.79.29:443 | hb.yellowblue.io | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| NL | 185.89.211.116:443 | ib.adnxs.com | tcp |
| DE | 18.64.95.121:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | 29.79.64.18.in-addr.arpa | udp |
| NL | 142.251.36.35:443 | p4-d2pvvupfril4g-na4mur7flkdk6pzh-238934-s1-v6exp3-v4.metric.gstatic.com | tcp |
| NL | 142.251.36.35:443 | p4-d2pvvupfril4g-na4mur7flkdk6pzh-238934-s1-v6exp3-v4.metric.gstatic.com | tcp |
| US | 143.244.180.136:443 | bloxd.io | tcp |
| IE | 54.239.33.159:443 | aax-eu.amazon-adsystem.com | tcp |
| US | 172.64.145.251:443 | impssl.constantcontact.com | tcp |
| NL | 172.217.168.226:443 | www.googletagservices.com | udp |
| FR | 5.135.209.104:443 | rtb-csync.smartadserver.com | tcp |
| FR | 5.135.209.104:443 | rtb-csync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | 104.209.135.5.in-addr.arpa | udp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| US | 8.8.8.8:53 | google.com | udp |
| NL | 172.217.23.206:443 | google.com | udp |
| NL | 172.217.23.206:443 | google.com | tcp |
| NL | 69.173.156.149:443 | token.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | image2.pubmatic.com | udp |
| GB | 2.18.190.147:443 | cdn.doubleverify.com | tcp |
| US | 8.8.8.8:53 | image6.pubmatic.com | udp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| NL | 198.47.127.19:443 | image6.pubmatic.com | tcp |
| DE | 18.66.2.64:443 | gw.geoedge.be | tcp |
| NL | 69.173.156.131:443 | beacon-ams3.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| NL | 69.173.156.131:443 | beacon-ams3.rubiconproject.com | tcp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| NL | 198.47.127.205:443 | image2.pubmatic.com | tcp |
| DE | 35.158.160.246:443 | btlr.sharethrough.com | tcp |
| DE | 35.158.160.246:443 | btlr.sharethrough.com | tcp |
| NL | 142.250.179.162:443 | googleads4.g.doubleclick.net | udp |
| NL | 142.250.179.162:443 | googleads4.g.doubleclick.net | tcp |
| US | 8.8.8.8:53 | 205.127.47.198.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 246.160.158.35.in-addr.arpa | udp |
| US | 172.240.45.73:443 | gov.aniview.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| US | 172.240.45.73:443 | gov.aniview.com | tcp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| US | 76.223.111.18:443 | eb2.3lift.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| NL | 23.220.113.69:443 | tags.bluekai.com | tcp |
| NL | 23.220.113.69:443 | tags.bluekai.com | tcp |
| IE | 63.32.135.176:443 | bcp.crwdcntrl.net | tcp |
| IE | 63.32.135.176:443 | bcp.crwdcntrl.net | tcp |
| US | 8.8.8.8:53 | 176.135.32.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | groundcontrol.sharethrough.com | udp |
| US | 8.8.8.8:53 | b.sharethrough.com | udp |
| DE | 18.64.103.116:443 | b.sharethrough.com | tcp |
| GB | 54.230.10.71:443 | groundcontrol.sharethrough.com | tcp |
| US | 8.8.8.8:53 | 116.103.64.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 71.10.230.54.in-addr.arpa | udp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| NL | 89.149.193.84:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| NO | 23.44.47.187:443 | secure-assets.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| US | 8.8.8.8:53 | pxl.iqm.com | udp |
| US | 8.8.8.8:53 | bh.contextweb.com | udp |
| US | 8.8.8.8:53 | 84.193.149.89.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 187.47.44.23.in-addr.arpa | udp |
| US | 34.193.171.116:443 | pxl.iqm.com | tcp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| NL | 23.200.189.62:443 | eus.rubiconproject.com | tcp |
| DK | 37.157.2.229:443 | c1.adform.net | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| FR | 5.135.209.104:443 | rtb-csync.smartadserver.com | tcp |
| FR | 5.135.209.104:443 | rtb-csync.smartadserver.com | tcp |
| NL | 89.149.193.84:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| US | 8.8.8.8:53 | b1sync.zemanta.com | udp |
| US | 8.8.8.8:53 | sync.srv.stackadapt.com | udp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| NL | 46.228.174.117:443 | sync.1rx.io | tcp |
| US | 192.132.33.68:443 | bttrack.com | tcp |
| NL | 23.220.113.51:80 | x2.i.lencr.org | tcp |
| IE | 34.249.143.67:443 | match.prod.bidr.io | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 70.42.32.31:443 | b1sync.zemanta.com | tcp |
| US | 54.157.168.221:443 | sync.srv.stackadapt.com | tcp |
| US | 151.101.66.49:443 | sync-tm.everesttech.net | tcp |
| US | 35.244.159.8:443 | us-u.openx.net | udp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 185.89.210.46:443 | secure.adnxs.com | tcp |
| US | 80.77.87.161:443 | cs.admanmedia.com | tcp |
| DE | 3.160.39.83:443 | s.ad.smaato.net | tcp |
| US | 34.96.105.8:443 | tr.blismedia.com | tcp |
| NL | 63.215.202.169:443 | stx-match.dotomi.com | tcp |
| IE | 52.31.57.205:443 | ad.360yield.com | tcp |
| US | 8.8.8.8:53 | 67.143.249.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.33.132.192.in-addr.arpa | udp |
| NL | 63.215.202.169:443 | stx-match.dotomi.com | tcp |
| US | 80.77.87.161:443 | cs.admanmedia.com | tcp |
| DE | 3.160.39.83:443 | s.ad.smaato.net | tcp |
| IE | 52.31.57.205:443 | ad.360yield.com | tcp |
| US | 34.96.105.8:443 | tr.blismedia.com | tcp |
| NL | 185.89.210.46:443 | secure.adnxs.com | tcp |
| US | 8.8.8.8:53 | x.dlx.addthis.com | udp |
| NL | 23.220.113.69:443 | x.dlx.addthis.com | tcp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| DE | 91.228.74.166:443 | cms.quantserve.com | tcp |
| US | 8.8.8.8:53 | pixel.rubiconproject.com | udp |
| US | 8.8.8.8:53 | x.bidswitch.net | udp |
| US | 8.8.8.8:53 | i.liadm.com | udp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| US | 3.226.96.179:443 | i.liadm.com | tcp |
| DE | 18.64.103.116:443 | b.sharethrough.com | tcp |
| GB | 2.18.190.147:443 | cdn.doubleverify.com | tcp |
| DE | 69.173.144.152:443 | beacon-fra2.rubiconproject.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 8.8.8.8:53 | 221.168.157.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 8.105.96.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.202.215.63.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.210.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.57.31.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.87.77.80.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 166.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 179.96.226.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.149.214.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 152.144.173.69.in-addr.arpa | udp |
| US | 35.244.174.68:443 | id.rlcdn.com | tcp |
| US | 104.17.240.158:443 | www.crazygames.com | tcp |
| DE | 18.64.79.29:443 | hb.yellowblue.io | tcp |
| US | 172.64.151.101:443 | dsum-sec.casalemedia.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| DE | 35.158.160.246:443 | btlr.sharethrough.com | tcp |
| DE | 18.64.95.121:443 | aax.amazon-adsystem.com | tcp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| IE | 34.247.205.196:443 | usersync.gumgum.com | tcp |
| GB | 54.230.10.71:443 | groundcontrol.sharethrough.com | tcp |
| IE | 52.214.234.91:443 | ap.lijit.com | tcp |
| IE | 34.254.143.3:443 | loadm.exelator.com | tcp |
| DE | 18.66.2.64:443 | gw.geoedge.be | tcp |
| NL | 69.173.156.131:443 | beacon-ams3.rubiconproject.com | tcp |
| IE | 54.229.131.172:443 | ads.yieldmo.com | tcp |
| IE | 54.229.131.172:443 | ads.yieldmo.com | tcp |
| NL | 208.93.169.131:443 | bh.contextweb.com | tcp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| IE | 34.249.143.67:443 | match.prod.bidr.io | tcp |
| NL | 46.228.174.117:443 | usermatch.targeting.unrulymedia.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| NL | 46.228.174.117:443 | usermatch.targeting.unrulymedia.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| DE | 35.158.160.246:443 | btlr.sharethrough.com | tcp |
| US | 35.227.201.97:443 | cookie-sync.api.soundcast.fm | tcp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| US | 8.8.8.8:53 | 97.201.227.35.in-addr.arpa | udp |
| NL | 35.214.170.195:443 | csync.loopme.me | tcp |
| FR | 45.137.176.88:443 | sync.adotmob.com | tcp |
| NL | 46.228.174.117:443 | usermatch.targeting.unrulymedia.com | tcp |
| US | 70.42.32.31:443 | b1sync.zemanta.com | tcp |
| US | 54.157.168.221:443 | sync.srv.stackadapt.com | tcp |
| IE | 34.249.143.67:443 | match.prod.bidr.io | tcp |
| US | 8.8.8.8:53 | pixel-sync.sitescout.com | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 34.96.105.8:443 | tr.blismedia.com | udp |
| IE | 54.154.106.181:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| US | 104.17.240.158:443 | analytics.crazygames.com | tcp |
| DE | 18.64.79.29:443 | hb.yellowblue.io | tcp |
| DE | 35.158.160.246:443 | btlr.sharethrough.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| NL | 185.89.211.116:443 | secure.adnxs.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 172.64.151.101:443 | dsum-sec.casalemedia.com | tcp |
| DE | 18.64.95.121:443 | aax.amazon-adsystem.com | tcp |
| DE | 18.64.103.116:443 | b.sharethrough.com | tcp |
| DE | 18.64.103.116:443 | b.sharethrough.com | tcp |
| DE | 35.158.160.246:443 | btlr.sharethrough.com | tcp |
| US | 164.92.122.81:443 | matchmaking.bloxd.io | tcp |
| NL | 69.173.156.131:443 | beacon-ams3.rubiconproject.com | tcp |
| GB | 2.18.190.147:443 | cdn.doubleverify.com | tcp |
| US | 164.92.122.81:443 | matchmaking.bloxd.io | tcp |
| GB | 2.18.190.147:443 | cdn.doubleverify.com | tcp |
| GB | 54.230.10.71:443 | groundcontrol.sharethrough.com | tcp |
| DE | 18.66.2.64:443 | gw.geoedge.be | tcp |
| DE | 157.240.27.35:443 | www.facebook.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 146.190.55.78:443 | gs-oneblock-hy7jatftdroznbrc1egy6.doodlecube.io | tcp |
| US | 146.190.55.78:443 | gs-oneblock-hy7jatftdroznbrc1egy6.doodlecube.io | tcp |
| US | 8.8.8.8:53 | api.gameanalytics.com | udp |
| US | 184.73.195.155:443 | api.gameanalytics.com | tcp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| US | 146.190.55.78:443 | gs-oneblock-hy7jatftdroznbrc1egy6.doodlecube.io | tcp |
| US | 8.8.8.8:53 | 155.195.73.184.in-addr.arpa | udp |
| DE | 18.64.103.116:443 | b.sharethrough.com | tcp |
| US | 143.244.180.136:443 | bloxd.io | tcp |
| GB | 2.18.190.147:443 | cdn.doubleverify.com | tcp |
| NL | 69.173.156.131:443 | beacon-ams3.rubiconproject.com | tcp |
| GB | 54.230.10.71:443 | groundcontrol.sharethrough.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 89.149.193.84:443 | ssbsync.smartadserver.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| NL | 46.228.174.117:443 | usermatch.targeting.unrulymedia.com | tcp |
| US | 192.132.33.68:443 | bttrack.com | tcp |
| US | 70.42.32.31:443 | b1sync.zemanta.com | tcp |
| US | 151.101.66.49:443 | sync-tm.everesttech.net | tcp |
| US | 54.157.168.221:443 | sync.srv.stackadapt.com | tcp |
| NL | 63.215.202.169:443 | stx-match.dotomi.com | tcp |
| IE | 34.249.143.67:443 | match.prod.bidr.io | tcp |
| US | 80.77.87.161:443 | cs.admanmedia.com | tcp |
| DE | 3.160.39.83:443 | s.ad.smaato.net | tcp |
| IE | 52.31.57.205:443 | ad.360yield.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| NL | 185.89.210.46:443 | secure.adnxs.com | tcp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| DE | 91.228.74.166:443 | cms.quantserve.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| IE | 54.154.106.181:443 | pr-bh.ybp.yahoo.com | tcp |
| DK | 37.157.2.229:443 | c1.adform.net | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| US | 3.226.96.179:443 | i.liadm.com | tcp |
| DE | 69.173.144.152:443 | beacon-fra2.rubiconproject.com | tcp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| IE | 3.255.217.67:443 | s.update.sharethru.com | tcp |
| IE | 34.249.143.67:443 | match.prod.bidr.io | tcp |
| US | 80.77.87.161:443 | cs.admanmedia.com | tcp |
| DE | 3.160.39.83:443 | s.ad.smaato.net | tcp |
| IE | 52.31.57.205:443 | ad.360yield.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| IE | 3.255.217.67:443 | s.update.sharethru.com | tcp |
| US | 104.18.22.145:443 | cadmus2.script.ac | tcp |
| IE | 3.255.217.67:443 | s.update.sharethru.com | tcp |
| US | 8.8.8.8:53 | 145.22.18.104.in-addr.arpa | udp |
| FR | 45.137.176.88:443 | sync.adotmob.com | tcp |
| NL | 81.17.55.116:443 | rtb-csync.smartadserver.com | tcp |
| NL | 81.17.55.116:443 | rtb-csync.smartadserver.com | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| US | 104.17.240.158:443 | analytics.crazygames.com | tcp |
| DE | 35.158.160.246:443 | btlr.sharethrough.com | tcp |
| US | 172.64.151.101:443 | dsum-sec.casalemedia.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| DE | 18.64.79.8:443 | hb.yellowblue.io | tcp |
| US | 8.8.8.8:53 | 244.210.89.185.in-addr.arpa | udp |
| DE | 18.64.95.121:443 | aax.amazon-adsystem.com | tcp |
| IE | 3.255.217.67:443 | s.update.sharethru.com | tcp |
| IE | 3.255.217.67:443 | s.update.sharethru.com | tcp |
| DE | 18.185.127.61:443 | btlr.sharethrough.com | tcp |
| DE | 18.185.127.61:443 | btlr.sharethrough.com | tcp |
| GB | 2.18.190.147:443 | cdn.doubleverify.com | tcp |
| NL | 69.173.156.131:443 | beacon-ams3.rubiconproject.com | tcp |
| DE | 18.66.2.64:443 | gw.geoedge.be | tcp |
| GB | 54.230.10.71:443 | groundcontrol.sharethrough.com | tcp |
| DE | 18.64.103.116:443 | b.sharethrough.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| NL | 89.149.193.84:443 | ssbsync.smartadserver.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| IE | 34.249.143.67:443 | match.prod.bidr.io | tcp |
| DE | 91.228.74.166:443 | cms.quantserve.com | tcp |
| US | 192.132.33.68:443 | bttrack.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| IE | 52.31.57.205:443 | ad.360yield.com | tcp |
| US | 54.157.168.221:443 | sync.srv.stackadapt.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| DK | 37.157.2.229:443 | c1.adform.net | tcp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| US | 151.101.66.49:443 | sync-tm.everesttech.net | tcp |
| NL | 46.228.174.117:443 | usermatch.targeting.unrulymedia.com | tcp |
| NL | 63.215.202.169:443 | stx-match.dotomi.com | tcp |
| US | 70.42.32.31:443 | b1sync.zemanta.com | tcp |
| US | 80.77.87.161:443 | cs.admanmedia.com | tcp |
| DE | 3.160.39.83:443 | s.ad.smaato.net | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| IE | 54.154.106.181:443 | pr-bh.ybp.yahoo.com | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| US | 3.226.96.179:443 | i.liadm.com | tcp |
| DE | 69.173.144.152:443 | beacon-fra2.rubiconproject.com | tcp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| DE | 116.202.167.133:443 | inv-nets.admixer.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| DE | 18.64.103.116:443 | b.sharethrough.com | tcp |
| US | 13.107.21.237:443 | bat.bing.com | tcp |
| US | 104.17.240.158:443 | analytics.crazygames.com | tcp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 23.197.141.223:80 | answers.microsoft.com | tcp |
| DE | 23.197.141.223:80 | answers.microsoft.com | tcp |
| DE | 23.197.141.223:443 | answers.microsoft.com | tcp |
| IE | 20.190.159.73:443 | login.microsoftonline.com | tcp |
| US | 152.199.21.175:443 | aadcdn.msftauth.net | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| US | 172.64.151.101:443 | dsum-sec.casalemedia.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| DE | 18.64.79.8:443 | hb.yellowblue.io | tcp |
| US | 8.8.8.8:53 | 175.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.32.126.40.in-addr.arpa | udp |
| DE | 18.185.127.61:443 | btlr.sharethrough.com | tcp |
| DE | 18.64.95.121:443 | aax.amazon-adsystem.com | tcp |
| NL | 23.200.189.225:443 | www.microsoft.com | tcp |
| US | 13.107.246.64:443 | consentdeliveryfd.azurefd.net | tcp |
| US | 13.107.246.64:443 | consentdeliveryfd.azurefd.net | tcp |
| US | 13.107.246.64:443 | consentdeliveryfd.azurefd.net | tcp |
| US | 13.107.246.64:443 | consentdeliveryfd.azurefd.net | tcp |
| US | 13.107.246.64:443 | consentdeliveryfd.azurefd.net | tcp |
| NL | 23.200.189.225:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | mem.gfx.ms | udp |
| US | 13.107.246.64:443 | mem.gfx.ms | tcp |
| US | 13.107.246.64:443 | mem.gfx.ms | tcp |
| US | 13.107.246.64:443 | mem.gfx.ms | tcp |
| NL | 89.207.16.204:443 | tcp | |
| US | 151.101.66.49:443 | sync-tm.everesttech.net | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| DE | 18.185.127.61:443 | btlr.sharethrough.com | tcp |
| US | 172.64.151.101:443 | dsum-sec.casalemedia.com | tcp |
| DE | 18.64.79.8:443 | hb.yellowblue.io | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| DE | 18.185.127.61:443 | btlr.sharethrough.com | tcp |
| DE | 18.64.95.121:443 | aax.amazon-adsystem.com | tcp |
| GB | 2.18.190.147:443 | cdn.doubleverify.com | tcp |
| NL | 69.173.156.131:443 | beacon-ams3.rubiconproject.com | tcp |
| DE | 18.66.2.79:443 | gw.geoedge.be | tcp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| DE | 3.160.39.90:443 | groundcontrol.sharethrough.com | tcp |
| US | 8.8.8.8:53 | rtb0.doubleverify.com | udp |
| US | 8.8.8.8:53 | ssum-sec.casalemedia.com | udp |
| DE | 3.160.39.90:443 | groundcontrol.sharethrough.com | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| CA | 85.91.47.140:443 | a1869.casalemedia.com | tcp |
| DE | 18.64.103.102:443 | b.sharethrough.com | tcp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | tcp |
| DE | 18.64.103.102:443 | b.sharethrough.com | tcp |
| US | 104.18.38.76:443 | js-sec.indexww.com | tcp |
| US | 8.8.8.8:53 | 102.103.64.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.47.91.85.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.38.18.104.in-addr.arpa | udp |
| DE | 157.240.27.35:443 | www.facebook.com | tcp |
| US | 164.92.122.81:443 | matchmaking.bloxd.io | tcp |
| US | 184.73.195.155:443 | api.gameanalytics.com | tcp |
| US | 8.8.8.8:53 | gs-classic-wf2cwlfeorztxe8ec3eyb.bloxd.io | udp |
| US | 64.23.155.214:443 | gs-classic-wf2cwlfeorztxe8ec3eyb.bloxd.io | tcp |
| US | 64.23.155.214:443 | gs-classic-wf2cwlfeorztxe8ec3eyb.bloxd.io | tcp |
| US | 13.107.21.237:443 | bat.bing.com | tcp |
| US | 184.73.195.155:443 | api.gameanalytics.com | tcp |
| DE | 18.66.2.79:443 | gw.geoedge.be | tcp |
| US | 64.23.155.214:443 | gs-classic-wf2cwlfeorztxe8ec3eyb.bloxd.io | tcp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| NL | 89.149.193.84:443 | ssbsync.smartadserver.com | tcp |
| US | 8.8.8.8:53 | secure-assets.rubiconproject.com | udp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| DE | 18.64.103.102:443 | b.sharethrough.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| DE | 18.64.79.8:443 | hb.yellowblue.io | tcp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | tcp |
| DE | 18.64.95.121:443 | aax.amazon-adsystem.com | tcp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| NL | 81.17.55.116:443 | rtb-csync.smartadserver.com | tcp |
| NL | 81.17.55.116:443 | rtb-csync.smartadserver.com | tcp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| US | 8.8.8.8:53 | sync-tm.everesttech.net | udp |
| DE | 3.71.91.116:443 | match.sharethrough.com | tcp |
| US | 151.101.194.49:443 | sync-tm.everesttech.net | tcp |
| NL | 172.217.168.226:443 | www.googletagservices.com | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 52.46.143.56:443 | s.amazon-adsystem.com | tcp |
| GB | 2.18.190.147:443 | cdn.doubleverify.com | tcp |
| DE | 69.173.144.152:443 | beacon-fra2.rubiconproject.com | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| US | 8.8.8.8:53 | 56.143.46.52.in-addr.arpa | udp |
| US | 104.17.240.158:443 | builds.crazygames.com | tcp |
| US | 172.64.151.101:443 | ssum-sec.casalemedia.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| DE | 18.185.127.61:443 | btlr.sharethrough.com | tcp |
| DE | 18.64.79.8:443 | hb.yellowblue.io | tcp |
| US | 104.18.95.41:443 | challenges.cloudflare.com | tcp |
| DE | 18.64.95.121:443 | aax.amazon-adsystem.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| DE | 18.66.2.79:443 | gw.geoedge.be | tcp |
| GB | 2.18.190.133:443 | cdn.doubleverify.com | tcp |
| NL | 69.173.156.131:443 | beacon-ams3.rubiconproject.com | tcp |
| DE | 3.160.39.90:443 | groundcontrol.sharethrough.com | tcp |
| DE | 18.64.103.102:443 | b.sharethrough.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| NL | 89.149.193.84:443 | ssbsync.smartadserver.com | tcp |
| DE | 3.71.91.116:443 | match.sharethrough.com | tcp |
| US | 151.101.194.49:443 | sync-tm.everesttech.net | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| NL | 81.17.55.116:443 | rtb-csync.smartadserver.com | tcp |
| NL | 46.228.174.117:443 | usermatch.targeting.unrulymedia.com | tcp |
| NL | 185.184.8.90:443 | creativecdn.com | tcp |
| US | 192.132.33.68:443 | bttrack.com | tcp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| DE | 69.173.144.152:443 | beacon-fra2.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | match.prod.bidr.io | udp |
| US | 80.77.87.161:443 | cs.admanmedia.com | tcp |
| US | 8.8.8.8:53 | s.ad.smaato.net | udp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| US | 8.8.8.8:53 | ad.360yield.com | udp |
| US | 50.31.142.127:443 | b1sync.zemanta.com | tcp |
| US | 35.244.159.8:443 | us-u.openx.net | udp |
| US | 8.8.8.8:53 | cms.quantserve.com | udp |
| US | 34.96.105.8:443 | tr.blismedia.com | udp |
| NL | 35.214.149.91:443 | x.bidswitch.net | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| US | 8.8.8.8:53 | pr-bh.ybp.yahoo.com | udp |
| US | 54.160.252.88:443 | sync.srv.stackadapt.com | tcp |
| DK | 37.157.2.229:443 | c1.adform.net | tcp |
| GB | 185.64.191.214:443 | image8.pubmatic.com | tcp |
| US | 34.238.98.116:443 | i.liadm.com | tcp |
| IE | 54.171.171.31:443 | pr-bh.ybp.yahoo.com | tcp |
| IE | 54.171.44.102:443 | ad.360yield.com | tcp |
| DE | 3.160.39.3:443 | s.ad.smaato.net | tcp |
| DE | 91.228.74.200:443 | cms.quantserve.com | tcp |
| DE | 3.160.39.3:443 | s.ad.smaato.net | tcp |
| IE | 54.171.44.102:443 | ad.360yield.com | tcp |
| DE | 91.228.74.200:443 | cms.quantserve.com | tcp |
| IE | 54.171.171.31:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 34.238.98.116:443 | i.liadm.com | tcp |
| DE | 69.173.144.152:443 | beacon-fra2.rubiconproject.com | tcp |
| IE | 34.249.143.67:443 | match.prod.bidr.io | tcp |
| NL | 63.215.202.140:443 | stx-match.dotomi.com | tcp |
| US | 8.8.8.8:53 | 31.171.171.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 102.44.171.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.74.228.91.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 116.98.238.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.39.160.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.202.215.63.in-addr.arpa | udp |
| DE | 3.71.91.116:443 | match.sharethrough.com | tcp |
| DE | 18.64.103.102:443 | b.sharethrough.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| NL | 69.173.156.149:443 | pixel.rubiconproject.com | tcp |
| FR | 149.202.238.105:443 | rtb-csync.smartadserver.com | tcp |
| US | 13.107.21.237:443 | bat.bing.com | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| US | 151.101.194.49:443 | sync-tm.everesttech.net | tcp |
| GB | 2.18.190.132:443 | identity.nel.measure.office.net | tcp |
| US | 104.17.240.158:443 | videos.crazygames.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| DE | 18.64.79.29:443 | hb.yellowblue.io | tcp |
| DE | 18.64.95.121:443 | aax.amazon-adsystem.com | tcp |
| DE | 18.197.60.108:443 | btlr.sharethrough.com | tcp |
| DE | 18.197.60.108:443 | btlr.sharethrough.com | tcp |
| US | 104.18.239.210:443 | videos.crazygames.com | tcp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| US | 151.101.194.208:443 | images.crazygames.com | tcp |
| US | 104.17.240.158:443 | videos.crazygames.com | tcp |
| US | 104.18.239.210:443 | videos.crazygames.com | tcp |
| NL | 172.217.23.206:443 | google.com | udp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| GB | 2.18.190.132:443 | identity.nel.measure.office.net | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 172.217.168.246:443 | i.ytimg.com | udp |
| US | 104.17.240.158:443 | videos.crazygames.com | tcp |
| US | 216.239.34.36:443 | region1.analytics.google.com | udp |
| NL | 172.217.23.206:443 | google.com | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | udp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | udp |
| NL | 172.217.168.195:443 | www.google.co.uk | tcp |
| NL | 142.251.36.34:443 | googleads.g.doubleclick.net | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| DE | 18.64.79.28:443 | hb.yellowblue.io | tcp |
| DE | 18.185.127.61:443 | btlr.sharethrough.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| DE | 18.64.95.121:443 | aax.amazon-adsystem.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| NL | 142.250.179.162:443 | googleads4.g.doubleclick.net | udp |
| DE | 141.95.33.120:443 | lb.eu-1-id5-sync.com | tcp |
| DE | 162.19.138.119:443 | lb.eu-1-id5-sync.com | tcp |
| US | 172.240.45.73:443 | gov.aniview.com | tcp |
| DE | 3.162.86.128:443 | c.amazon-adsystem.com | tcp |
| DE | 3.162.86.128:443 | c.amazon-adsystem.com | tcp |
| NL | 63.215.202.146:443 | proc.ad.cpe.dotomi.com | tcp |
| DE | 18.66.2.56:443 | gw.geoedge.be | tcp |
| IE | 67.220.224.144:443 | aax-eu.amazon-adsystem.com | tcp |
| NL | 172.217.168.226:443 | www.googletagservices.com | udp |
| NL | 142.250.179.162:443 | googleads4.g.doubleclick.net | udp |
| CA | 85.91.47.117:443 | a1846.casalemedia.com | tcp |
| NL | 142.250.179.162:443 | googleads4.g.doubleclick.net | tcp |
| CA | 85.91.47.117:443 | a1846.casalemedia.com | tcp |
| BR | 142.251.129.227:443 | csi.gstatic.com | tcp |
| US | 8.8.8.8:53 | servedby.flashtalking.com | udp |
| BR | 142.251.129.227:443 | csi.gstatic.com | tcp |
| DE | 23.197.128.137:443 | servedby.flashtalking.com | tcp |
| GB | 2.18.190.133:443 | cdn.doubleverify.com | tcp |
| US | 8.8.8.8:53 | 227.129.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 117.47.91.85.in-addr.arpa | udp |
| US | 104.17.240.158:443 | ragdoll-archers.game-files.crazygames.com | tcp |
| NL | 2.16.6.6:443 | ajs-assets.ftstatic.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| DE | 18.64.119.103:443 | agen-assets.ftstatic.com | tcp |
| DE | 18.64.119.103:443 | agen-assets.ftstatic.com | tcp |
| BR | 142.251.129.227:443 | csi.gstatic.com | udp |
| US | 8.8.8.8:53 | d9.flashtalking.com | udp |
| IE | 52.17.202.108:443 | d9.flashtalking.com | tcp |
| IE | 52.17.202.108:443 | d9.flashtalking.com | tcp |
| US | 8.8.8.8:53 | js.ad-score.com | udp |
| US | 8.8.8.8:53 | cdn.flashtalking.com | udp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| DE | 18.64.119.7:443 | js.ad-score.com | tcp |
| NL | 23.200.188.48:443 | cdn.flashtalking.com | tcp |
| NL | 23.200.188.48:443 | cdn.flashtalking.com | tcp |
| NL | 23.200.188.48:443 | cdn.flashtalking.com | tcp |
| DE | 18.64.119.7:443 | js.ad-score.com | tcp |
| NL | 23.200.188.48:443 | cdn.flashtalking.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 46.228.174.117:443 | usermatch.targeting.unrulymedia.com | tcp |
| NL | 64.158.223.137:443 | stx-match.dotomi.com | tcp |
| NL | 178.250.1.11:443 | gum.criteo.com | tcp |
| NL | 46.228.174.117:443 | usermatch.targeting.unrulymedia.com | tcp |
| IE | 54.171.171.31:443 | pr-bh.ybp.yahoo.com | tcp |
| US | 34.36.216.150:443 | pixel-sync.sitescout.com | udp |
| NL | 64.158.223.137:443 | stx-match.dotomi.com | tcp |
| US | 15.197.193.217:443 | match.adsrvr.org | tcp |
| IE | 54.171.171.31:443 | pr-bh.ybp.yahoo.com | tcp |
| DE | 18.64.119.7:443 | js.ad-score.com | tcp |
| DE | 23.197.128.137:443 | servedby.flashtalking.com | tcp |
| FR | 178.250.7.13:443 | dnacdn.net | tcp |
| GB | 13.42.124.218:443 | ad-events.flashtalking.com | tcp |
| US | 8.8.8.8:53 | match.sharethrough.com | udp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| US | 130.211.115.4:443 | data.ad-score.com | tcp |
| NL | 23.200.188.48:443 | stat.flashtalking.com | tcp |
| US | 104.18.239.210:443 | ragdoll-archers.game-files.crazygames.com | tcp |
| US | 13.107.21.237:443 | bat.bing.com | tcp |
| US | 172.64.151.101:443 | htlb.casalemedia.com | tcp |
| US | 172.240.45.73:443 | gov.aniview.com | tcp |
| NL | 185.64.189.112:443 | hbopenbid.pubmatic.com | tcp |
| DE | 18.185.127.61:443 | btlr.sharethrough.com | tcp |
| NL | 185.89.210.244:443 | ib.adnxs.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| DE | 18.64.79.28:443 | hb.yellowblue.io | tcp |
| US | 130.211.115.4:443 | data.ad-score.com | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| DE | 18.185.127.61:443 | btlr.sharethrough.com | tcp |
| NL | 69.173.156.139:443 | fastlane.rubiconproject.com | tcp |
| DE | 18.64.95.121:443 | aax.amazon-adsystem.com | tcp |
| NL | 142.250.179.193:443 | ed20a114b270f0004571886501fdc14b.safeframe.googlesyndication.com | udp |
| NL | 142.251.39.97:443 | tpc.googlesyndication.com | udp |
| NL | 142.250.179.162:443 | googleads4.g.doubleclick.net | udp |
| GB | 2.18.190.133:443 | cdn.doubleverify.com | tcp |
| NL | 69.173.156.150:443 | prebid-server.rubiconproject.com | tcp |
| DE | 18.185.127.61:443 | btlr.sharethrough.com | tcp |
| US | 8.8.8.8:53 | b.sharethrough.com | udp |
| DE | 18.64.103.20:443 | b.sharethrough.com | tcp |
| DE | 3.160.39.104:443 | groundcontrol.sharethrough.com | tcp |
| NL | 69.173.156.131:443 | beacon-ams3.rubiconproject.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| DE | 18.66.2.56:443 | gw.geoedge.be | tcp |
| US | 199.232.209.91:80 | softonic.com | tcp |
| US | 199.232.209.91:80 | softonic.com | tcp |
| US | 199.232.209.91:443 | softonic.com | tcp |
| US | 8.8.8.8:53 | www.softonic.com | udp |
| US | 151.101.1.91:443 | www.softonic.com | tcp |
| US | 8.8.8.8:53 | 91.209.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| US | 8.8.8.8:53 | images.sftcdn.net | udp |
| US | 151.101.129.91:443 | images.sftcdn.net | tcp |
| US | 151.101.129.91:443 | images.sftcdn.net | tcp |
| US | 151.101.129.91:443 | images.sftcdn.net | tcp |
| US | 151.101.129.91:443 | images.sftcdn.net | tcp |
| US | 151.101.193.91:443 | images.sftcdn.net | tcp |
| US | 151.101.193.91:443 | images.sftcdn.net | tcp |
| US | 151.101.193.91:443 | images.sftcdn.net | tcp |
| US | 151.101.193.91:443 | images.sftcdn.net | tcp |
| US | 151.101.193.91:443 | images.sftcdn.net | tcp |
| US | 151.101.193.91:443 | images.sftcdn.net | tcp |
| DE | 18.66.2.51:443 | sdk.privacy-center.org | tcp |
| US | 8.8.8.8:53 | 51.2.66.18.in-addr.arpa | udp |
| US | 151.101.193.91:443 | images.sftcdn.net | udp |
| US | 151.101.129.91:443 | images.sftcdn.net | udp |
| NL | 139.45.197.227:443 | notix.io | tcp |
| DE | 3.160.39.27:443 | api.privacy-center.org | tcp |
| NL | 2.16.106.196:443 | r.bing.com | tcp |
| FR | 51.178.195.213:443 | ssbsync.smartadserver.com | tcp |
| NL | 2.16.106.200:443 | r.bing.com | tcp |
| NL | 2.16.106.200:443 | r.bing.com | tcp |
| NL | 2.16.106.200:443 | r.bing.com | tcp |
| NL | 2.16.106.200:443 | r.bing.com | tcp |
| DE | 35.156.61.253:443 | match.sharethrough.com | tcp |
| IE | 34.249.143.67:443 | match.prod.bidr.io | tcp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| NL | 89.149.193.121:443 | rtb-csync.smartadserver.com | tcp |
| NL | 89.149.193.121:443 | rtb-csync.smartadserver.com | tcp |
| NL | 2.16.106.196:443 | r.bing.com | tcp |
| DE | 57.129.18.111:443 | wt.rqtrk.eu | tcp |
| DE | 3.160.39.83:443 | s.ad.smaato.net | tcp |
| NL | 46.228.174.117:443 | usermatch.targeting.unrulymedia.com | tcp |
| NL | 178.250.1.9:443 | dis.criteo.com | tcp |
| DE | 18.66.2.99:443 | gw.geoedge.be | tcp |
| DE | 85.114.159.118:443 | dsp.adfarm1.adition.com | tcp |
| DE | 18.64.103.20:443 | b.sharethrough.com | tcp |
| NL | 69.173.156.131:443 | beacon-ams3.rubiconproject.com | tcp |
| GB | 2.18.190.133:443 | cdn.doubleverify.com | tcp |
| DE | 69.173.144.152:443 | beacon-fra2.rubiconproject.com | tcp |
| US | 130.211.44.5:443 | rtb0.doubleverify.com | tcp |
| NL | 69.173.156.148:443 | token.rubiconproject.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.133:443 | raw.githubusercontent.com | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| NL | 172.217.23.194:443 | googleads4.g.doubleclick.net | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| GB | 2.18.190.141:443 | identity.nel.measure.office.net | tcp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| US | 199.232.209.91:80 | softonic.com | tcp |
| US | 199.232.209.91:80 | softonic.com | tcp |
| US | 199.232.209.91:443 | softonic.com | tcp |
| US | 151.101.1.91:443 | images.sftcdn.net | udp |
| US | 8.8.8.8:53 | sdk.privacy-center.org | udp |
| DE | 18.66.2.107:443 | sdk.privacy-center.org | tcp |
| US | 151.101.193.91:443 | images.sftcdn.net | udp |
| NL | 139.45.197.227:443 | notix.io | tcp |
| DE | 3.160.39.68:443 | api.privacy-center.org | tcp |
| NL | 2.16.106.200:443 | r.bing.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.133:443 | raw.githubusercontent.com | tcp |
| US | 140.82.114.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 21.114.82.140.in-addr.arpa | udp |
| US | 185.199.108.133:443 | raw.githubusercontent.com | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 50.63.8.124:80 | pcoptimizerpro.com | tcp |
| US | 50.63.8.124:80 | pcoptimizerpro.com | tcp |
| US | 50.63.8.124:80 | pcoptimizerpro.com | tcp |
| NL | 2.16.106.200:443 | r.bing.com | tcp |
| US | 20.44.10.122:443 | browser.pipe.aria.microsoft.com | tcp |
| NL | 2.16.106.200:443 | r.bing.com | tcp |
| NL | 2.16.106.200:443 | r.bing.com | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.251.39.100:80 | google.co.ck | tcp |
| NL | 142.250.179.196:80 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
Files
\??\pipe\crashpad_2972_NWMECVAHBRYEAFVZ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7b94adb74debdfd82f95835caf41d3cc |
| SHA1 | fa743ee8fbde2a9ea2a2398e478491ac2d0dfaf2 |
| SHA256 | c782d3e6bc610ea9a0cbcea767668fee5725dfca21789da35768d7d7cc9ee83d |
| SHA512 | 420fe3266df926c66f53feddee08b099474e50a76e7a2efde1144ae6d64381e7c5650cc5d7f10c800ca953731d057b122214747f1bd8d126dfa6bd2234d3843b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 14325fba0798509afbda44298b228b55 |
| SHA1 | 173dcb9622af709ef5d53d6864708ee39a92489f |
| SHA256 | 139e42abe472f2ffe483a38341d405ede2bfea34a1f7d808857a6b44a1afbd16 |
| SHA512 | 19ae9d89d3757151c267144dca499ddee66499cbc05760a842414470e35e9fe9784d13bfb1fcfdb53f866da374609d9b654dcfa17902c140b07cde0de30fc744 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 9f658197002c5847e7cafcec44c911de |
| SHA1 | 78591397143c6da06879a253f9c5a30e6b879b6f |
| SHA256 | 6ed28e7728c3c9c85186228a84d8cd9918f90b1a2fa1754d521a938283429766 |
| SHA512 | c58ede4738899e39b7ab829dd88e8718ea6c01c883b96d272ba7290e9b967a1e9a7dfc4f31b532c72e764a3d43356c291159ecc50ea9197733b122770af6c528 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 87df0f2eaddef5681900fdfa81f01f0d |
| SHA1 | 57fad48e55bdf5a5011cd0b59097588c9242244e |
| SHA256 | 9133416035fbbde392ed25080e94f9e47da238aeeb40d266df2ec7522d448999 |
| SHA512 | a3b9bbbdd2b6af352f2b948a8d8103a096ab36ae1ac9fcafa8115bff880015bfecd9a946b93f12bc5a8e824f7850a885e2d6150f66679605a74d5ec3258c4e89 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e8115549491cca16e7bfdfec9db7f89a |
| SHA1 | d1eb5c8263cbe146cd88953bb9886c3aeb262742 |
| SHA256 | dfa9a8b54936607a5250bec0ed3e2a24f96f4929ca550115a91d0d5d68e4d08e |
| SHA512 | 851207c15de3531bd230baf02a8a96550b81649ccbdd44ad74875d97a700271ef96e8be6e1c95b2a0119561aee24729cb55c29eb0b3455473688ef9132ed7f54 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 3e2612636cf368bc811fdc8db09e037d |
| SHA1 | d69e34379f97e35083f4c4ea1249e6f1a5f51d56 |
| SHA256 | 2eecaacf3f2582e202689a16b0ac1715c628d32f54261671cf67ba6abbf6c9f9 |
| SHA512 | b3cc3bf967d014f522e6811448c4792eed730e72547f83eb4974e832e958deb7e7f4c3ce8e0ed6f9c110525d0b12f7fe7ab80a914c2fe492e1f2d321ef47f96d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 94ff8976c76a3aef40d85c9b5936e550 |
| SHA1 | f0acfc0bd32e194c15e6ec65ed068bd7db451155 |
| SHA256 | 4a91d943d2b8f21d557e72e6b985fedc76ebf1c27adc42b1fa5b1a0d8c7d2804 |
| SHA512 | 96a4d67831180545a38c584d22b0f82cfbb6a67c19cedb924f49679ab6ce3d739b47c02476b0ae7a3a3a7da28fa63d67721d7253a80559fb1b093765d804beec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7eccc9e0e7ce7926960884d732286622 |
| SHA1 | 4814cda27637c68432471f98a578164d3ff5c316 |
| SHA256 | 079bb84af62458b71a89ac82f6bc93caa4aa0d2c928ca70014c138671c2bb0c2 |
| SHA512 | c8487589895daa40f68c865b7a959c5b29a5ed41860af1318f5b613b40fbedda75069f05ee460a5900399ee349e32374ebe9b14c0394d39afd3414051d09c0c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8c1b16c68c203a1d311ef877751752bf |
| SHA1 | a2cc0d144845e9391de67f78a0e41c8353e315d7 |
| SHA256 | b9f29f260da734888007f06114ff321ef805b88b8fd80e5642b4227c97437c14 |
| SHA512 | af4bb152d73b9b8e239e42d2660ef17cd3161be0c0bdfc2499eb35a82c9d8c0806bbfa7346004898b8715b85873f0f67a0c4c65a0698b5be7a08c28f34b5cc82 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | 24a806fccb1d271a0e884e1897f2c1bc |
| SHA1 | 11bde7bb9cc39a5ef1bcddfc526f3083c9f2298a |
| SHA256 | e83f90413d723b682d15972abeaaa71b9cead9b0c25bf8aac88485d4be46fb85 |
| SHA512 | 33255665affcba0a0ada9cf3712ee237c92433a09cda894d63dd1384349e2159d0fe06fa09cca616668ef8fcbb8d0a73ef381d30702c20aad95fc5e9396101ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | cc6a7af85ef808b23fb0d7856ed6aafb |
| SHA1 | 9c32e7d7b33e9769211fbce53001a17848d546b5 |
| SHA256 | 0d8b4860b16e4ee74beff0e2034bd195352dba61a455efdeb35d6ede7c4c7391 |
| SHA512 | d9e9086a0d6827ba073028b67a73e8d0936ff9813238075af53dd75af0f7417b56dc4642417ced05af36ec9e66bac671ab8ed9d0f73dd7b84a6695026ba2abf6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | 56d57bc655526551f217536f19195495 |
| SHA1 | 28b430886d1220855a805d78dc5d6414aeee6995 |
| SHA256 | f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4 |
| SHA512 | 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | 027a77a637cb439865b2008d68867e99 |
| SHA1 | ba448ff5be0d69dbe0889237693371f4f0a2425e |
| SHA256 | 6f0e8c5ae26abbae3efc6ca213cacaaebd19bf2c7ed88495289a8f40428803dd |
| SHA512 | 66f8fbdd68de925148228fe1368d78aa8efa5695a2b4f70ab21a0a4eb2e6e9f0f54ed57708bd9200c2bbe431b9d09e5ca08c3f29a4347aeb65b090790652b5c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 52f131654936ff7761674ab8ae3fe4c7 |
| SHA1 | 97cb9e4a134bfaad7f359278225db41fb4d21a85 |
| SHA256 | 0e821a80d26e642c7e067cf39b8d53cde727cca5594f348cd1286152761be70a |
| SHA512 | 13a1920ae91fbbef851e721e001fb26c908b2d7ef9af0459b09e429177d9a7d439078a832221768a40fce3119fb599bb07c8aa2a44cdb99b5f80b02e14e1d78c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 807419ca9a4734feaf8d8563a003b048 |
| SHA1 | a723c7d60a65886ffa068711f1e900ccc85922a6 |
| SHA256 | aa10bf07b0d265bed28f2a475f3564d8ddb5e4d4ffee0ab6f3a0cc564907b631 |
| SHA512 | f10d496ae75db5ba412bd9f17bf0c7da7632db92a3fabf7f24071e40f5759c6a875ad8f3a72bad149da58b3da3b816077df125d0d9f3544adba68c66353d206c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 21aca0c262f7f992ab3f9a14102059b3 |
| SHA1 | c51892250895636dae7a8ed449799594a35efe1f |
| SHA256 | 72e2779becb0ca31b9e4a8dbba0652a7b0e0e71788c9b050408e39fa54f69a1c |
| SHA512 | 1f86e0af2c98372471a3b5cddaf331f8ab7407c09a423fe51f6f2fd280c0980737a744242015c2783f489d0a6fb931a80a99c4d7a432bd7420a94c7da8d8cd68 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f6f26d0cbae6609ab1eecdc3358719d8 |
| SHA1 | fb71597a7edf6ad5a292b7bba64b57b0a71548ee |
| SHA256 | 7b0acbd6790a6d14141eac769777a3809e589eaf70928233f361cb927f7643cb |
| SHA512 | d7f618fafb79b483f8f2895f2797c7cee4f6456150c9422e6bac502e62aaec37bede2f81f6eb0025a5ad6e472702b61eb96cd8e4e9f696e1b26cdce9620d6610 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58729b.TMP
| MD5 | ad3ffc4d857a045461da9abc342abb2a |
| SHA1 | af64828e53557f11d384faef38500cf339c66797 |
| SHA256 | 14d16bade63523c68b94f7a0e2940bea6a9d8f98943c464b2c77819ef53575d9 |
| SHA512 | b0c710121506556b5710b97ae00c4c2a93003911c21d540ead2a12b3365b78e6fe151aae20cd81f62d090f1e28d86fec5f1fc991d67db5fec16dae831d7dc2ec |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | db3115e9edbf3fd3701a969d280045fc |
| SHA1 | eba3af7431e9c2f54427490e16d172958ff36ab6 |
| SHA256 | 9d3fbe95a77d15d105c1670e06acb91a02cf9a1db46542987830fa70fbe4e717 |
| SHA512 | 8ac82911c962307df9d6239bd7dd0aeab0b3de6dd598d8e4139410cb8b2020a5f7d247045bf6116ad4b7d5f632af8601c74ae31c1ae213364a0310842faad0f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2e30bc56d3efdc345b8ac2450fbed7a5 |
| SHA1 | ea880a84e579dfa6a1480c797d2ba95ae9e39f20 |
| SHA256 | 2f23d445c711c5d4d4751515c33d991ba124b08e6e61e0448b13d2b028f99797 |
| SHA512 | f87737bf37712e159cad999c3d74a72da7c4464e99a75c51ad63f3301991ddd3e71dbbc4cacbccbfdd614e7abbff7cddbd8b1a8ff897dcccb2a8b465b269e4f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e171ebd4da5e32ba92cc6985c794a581 |
| SHA1 | 32ea0e8bdb2239281af1ccbe329f407e94f824da |
| SHA256 | 00a99b834a3dfa2cd5b80bccffda8be20b6dc0f5798e668ce457133cdbf86ee8 |
| SHA512 | 3de8fe3792a6e653063e07fb541d335cb855296e13a61f2c497a1beb129f688de03387072dc9ae7b02d186204305641fa93131b934ec2bcb1a8dcb5a470aeae9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 285252a2f6327d41eab203dc2f402c67 |
| SHA1 | acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6 |
| SHA256 | 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026 |
| SHA512 | 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5606465b797991e4ee80a0998f00ffe6 |
| SHA1 | 362add007ba9e96322c173436851066e86db110c |
| SHA256 | e138d0d9256f15f33ad4546da551a01eaf2e58fa0ac22e586e48362ded319263 |
| SHA512 | 4ec1bb0d4e287369bf01e17d3e181b446024640196d192f0df9f37b5a76460286603ee5f944381923e7f70df59f2968ddddbaa820f9a98ed193fbfa84ab13305 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 21b68d54bcb2bcdf6c20fba75d794932 |
| SHA1 | 69b35518c0d2640c82da72396ca3729be947be4e |
| SHA256 | 55803c67d0d29e2056eb9ca07eed75f44a408534970260b7432643439b2b0487 |
| SHA512 | a45baf512bf0228f73cf797ac05117ac443943adbbaa9afa53d3a415e3637da31d91bd33582bb4ccbae1eec323a849d40093c0d335c2d701d78aaed05f5d8060 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2f37c14d03a29aab7b73c39ca40701f7 |
| SHA1 | ba88af7714f45ff839dfae3c1b60df82d4176308 |
| SHA256 | fc1fc1b662ef2acb444dcb5741c1a5d6218b6f3b468e1784866387b4d1794af7 |
| SHA512 | e21c188ad7943f7ffe9fd7903eacf978947973da83111859d0cfb2425cea3ba29d5f83803151da73ad74860d3d2309375ba392d53ec29c6f25156edd0063775f |
C:\Users\Admin\Downloads\Solara.zip
| MD5 | a7b8a9578e28cf1efb2af79f23c63a53 |
| SHA1 | d6ccaa3bd3adf465de03e2a1f57e80fc8d638fb5 |
| SHA256 | 498ef5db7fae596a321995ea4f8ebffd123e44f3385874188c656841e852617d |
| SHA512 | 7ca1e56dff5ec9df09d4fb9317bd2fc9221c6c7852b6b60f75fd2b0b349485fa658b6685337836f8650aaad9253903c308e8713211212519db10dfe5eb6b452a |
C:\Users\Admin\Downloads\Solara.zip:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 972d293cfef39cb72162121a6a9e3b68 |
| SHA1 | 695811b74098f679854cea6679e75a45649de7cb |
| SHA256 | 989350a657ab697552f271fbc0941ac12eaac540d18eaceb9dc7729915c24817 |
| SHA512 | 4b864a6d92eacfcadfc8c2eb1a3399e7a6998647f4ac79a6344e407a2920d4e79f24cd344c5e3cc0ba4d060603350767e17d00cd83814e9dbe4b47b8134e529f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | fe5c3a25f9a893056adb192204b79953 |
| SHA1 | 9bf5a4bbac741d7c6eabb8c60a5ef13cdcffeea3 |
| SHA256 | 3668947c73800a169033761ae2e0809f4c43198910b7355eb3b2bfd29e4a7f9b |
| SHA512 | f836f476e7c16822ea96416fd8901a7235213c1d3474eef76ac431aebdaf1740f1f9073b2c487261555546d7062aab3d93e72f4d29aeec586b7dd49ea4ec8ab1 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 5d5eb2f94e494e8442fc72baa16e60b7 |
| SHA1 | 370723e1f78548659d0b74ed6db075ea75979afb |
| SHA256 | 1e8b48502c17575b663e297a050ec71aee6a27aafc79e6dc5cfa965231575adb |
| SHA512 | 644e86e5945c9b972f854fa468b173ba40ac9f2890900f2a168de06ba20de86f045d736c8240e707c062b217c29a7a8d8363537d155fb6b951ba1461e5930a55 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 031b71a62a2fdeccb9b4450c1a5a45da |
| SHA1 | 8981f4cf618982ae302602d372bc0a6555e819a0 |
| SHA256 | 5320537fdaf7d045cd03d60122c2d46e094381a5f07dd300870452269d171f7b |
| SHA512 | 9036453262feecd339e19e9b2ebed9a15ff517d88167c06b8ed3067e25855bdf391a7e7751fdf17ee2a9a420076281f4f8e85cc66e8f6e3d0e5e28228059e49f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | c5846456d937d0c32621b48395e32129 |
| SHA1 | 081dacf51cae024670b5d0f11ced3be71202b34a |
| SHA256 | 5dfa267f57520836dae09c64d86d4e9a8996d6b3e1784782917cd39145f7093b |
| SHA512 | d1e3cca2e42e779b6f6cb177edd3eb342c38e8e75b7fe6b32a1ff63f451e4e2cb0b70d503042e3304268a2ab77a23d661dce50888b82bea58d8dc0bc6df46a5d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c
| MD5 | b07f576446fc2d6b9923828d656cadff |
| SHA1 | 35b2a39b66c3de60e7ec273bdf5e71a7c1f4b103 |
| SHA256 | d261915939a3b9c6e9b877d3a71a3783ed5504d3492ef3f64e0cb508fee59496 |
| SHA512 | 7358cbb9ddd472a97240bd43e9cc4f659ff0f24bf7c2b39c608f8d4832da001a95e21764160c8c66efd107c55ff1666a48ecc1ad4a0d72f995c0301325e1b1df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | d9b427d32109a7367b92e57dae471874 |
| SHA1 | ce04c8aeb6d89d0961f65b28a6f4a03381fc9c39 |
| SHA256 | 9b02f8fe6810cacb76fbbcefdb708f590e22b1014dcae2732b43896a7ac060f3 |
| SHA512 | dcabc4223745b69039ea6a634b2c5922f0a603e5eeb339f42160adc41c33b74911bb5a3daa169cd01c197aeaca09c5e4a34e759b64f552d15f7a45816105fb07 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b7b1524d79a31482b14285be0c7431b4 |
| SHA1 | 7574b7bf4e62509466a631ff5842c33762c8de98 |
| SHA256 | ca6c683d9577fb4f157fa11c70e0225fecb3499ace8589bb88064499679e30d6 |
| SHA512 | 56fda4bd86c5ccb67363ea91e02a3496bb9043755cc8eded5f450fb6cc9a7f970338fa29d822f584607b7e898ceb15519e94314f4c037e59419a7be89b2ce1d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 93d51ffaae0d8877d9502a5c234b274f |
| SHA1 | 0c081405301dd5624bbb94320749c8bac077fb87 |
| SHA256 | 28281c28075d4f420823f5895b621ac190fa23ae5ea5c1b525adaf25065ec7be |
| SHA512 | 2105585307c23b6af675f7735571d102be019245f7cef4582bcc9774c2ee116f2a513039d1111db452974a9721ab820e593dde25448561fc16d8c7e4c8c205d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 97420e675f21bf80113281efca55fee5 |
| SHA1 | cab02267b2a406c07394b6ce3c002d32102b9a11 |
| SHA256 | 6c583564bbc053b9aeb72ed351e16c91aec4c139adb6f132f7d258466af149b7 |
| SHA512 | 3db2b28dede2207c863b6ca0a7fccdccab78dac65fc118c54ecb9c6ef8f008fbbebf1bea8e7706ab080111f0d583fb476d348599703fd5eafe542774b880e712 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e971d3377c7522da9900ba19530a5066 |
| SHA1 | c1f20c0dc60801236f5fe196bc0363c84f36b217 |
| SHA256 | e3b2705f38dd2bf21256f3ab2f7b09b6426c3671eecf3a185fa6d18ed254b95a |
| SHA512 | 5845134f3f656cd08a8704e1a104aeac862a27c8f8144307cecbc49124c3f3633e37b2a483c8b3980acbd9f9160db1a7270b026e295a3ede34138d110b2f3540 |
C:\Users\Admin\Downloads\Unconfirmed 476049.crdownload
| MD5 | 2c752edef5b0aa0962a3e01c4c82a2fa |
| SHA1 | 9c3afd1c63f2b0dbdc2dc487709471222d2cb81e |
| SHA256 | 891846bf656253ca1cdd28584a28681e9604e2a03d74cd6b99313e3bff11daf8 |
| SHA512 | 04d25fe7d40c8c320ffc545a038ad6ea458df6a8a552b0e0393b369a03b9bf273c72f30169bd54e8eb10757c04bdddf3859c601c1eb9e1a12fe4d15658906dfe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | adb945117477402f17b88cd20052f59f |
| SHA1 | 79a3e12453fa22cefa91af7651c4d4bed3afbc4a |
| SHA256 | fc9f7842a31716adc4699f2b43ba1a19ca30fdbda73686726532514c33e577c5 |
| SHA512 | 8236c5b1ca91b5af8cac6d762bff8c405103e3973eeab641ed5fcdd1010c06c783ee531cea5be34ab44bdfbe9e8c504807875d713791fab01d3c38ef52c8b09b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8009648aa07a3a4976a4f5d126276bc4 |
| SHA1 | 7aee579257bed0b62f83e068fcd6d2d7f3586bb8 |
| SHA256 | 1ac6b64c2507b2232f94a96212a819786a13915e835a96a6d6c00f9d69995230 |
| SHA512 | 3ab0140695e3ae7c96c19dbb00c618f9de1f0f481e0dfb479438c66b18ebb42f64e7d8bb234bf105b2f36456e7433e6b50806689821ff13c066273e4a11da6aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 02213a20d030164c5d98dca1c14779e9 |
| SHA1 | 822b7db529de523ddc3e3c4ab754dd40a653c7af |
| SHA256 | 658decd9270d9cae43d0ebd40e058173b4ac48b6d6919cef5400fc65b128a1d7 |
| SHA512 | 55f1a28f6c9cd3a150ed0b30440878c3232882d0471c539b2ef29cd1c363e387634b8f52916fa5e8efbe555e05d0829576db1fafa7b0394cfe53bf3bee2de29c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a06db0dcf1fba3156a7645a0e2c6e18b |
| SHA1 | 123318bec224261a47dbbe4b3603fe584d33db4d |
| SHA256 | d39211a326662dfce1940fed5d3af0a17b9a641f0697227cd0a763376b86b0e8 |
| SHA512 | 7aef6ceaa371c26edfbb80c87438ff3153e607147fb2132a5bfda9529778709e261385819bbdaf964574a207408f5f3a329d5cb7069d136b8d226fc3ca35cdc7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | aa290da03c2c208c3a2c5814fe25975c |
| SHA1 | b03e8403e65e271826b8002b0e86b75329635cb4 |
| SHA256 | 02b8f58bd5c4e30b27ee1196d8e5960ce904b9ef8361018d209009ebc2ffdb39 |
| SHA512 | d4ed9d00a41bd5a7e4729cca58edb1d540077f00d9d17b774429f7010b012043ab70d7fc83fe87d99182621c7926d971f50e8aacd3c8362a5a81de8f06cccc46 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | d022604b2cc08cfdb9b67a0c78412ca4 |
| SHA1 | 8e607dab326bfbe07627f8008939d0726116633d |
| SHA256 | ad5a1f789d87794cf82b7cc0250302e60da1a5c83244d1f4b48f76b032076464 |
| SHA512 | f0a4fd736affe87e4207d80c43a6a18bbda126718bb95480f85a1e256b26b3714382d6eafcb02111741c2651deb4deec595d9e66bc23953a45de87873e81f95a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 0304094992765996d11dfa0fdd48f6da |
| SHA1 | 43bb8d60e2296e15283fb22bff2fe583b0280e0d |
| SHA256 | 21687e4d769bdae929a153ec239b75e952291d233937463a3f94420117a011e3 |
| SHA512 | ca9c8b5bbafbcec180d18f20da6cb55d854943393cf98edc824de9b4a9aec04d1d85f097fabb3ac10ed86d6afddeac2b34eec6d7063e4b0bc5d82afcb98b3f6b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 42319a3f6bb7a0231a56ab8e68ef9abb |
| SHA1 | b995411a7746c92dd3d61615710afb37c1f758a2 |
| SHA256 | 00c14bfcf001113ee1744545bbae86df79b27176e637e258582efd6d23d7d9c4 |
| SHA512 | 810dbed5f138bd6a918412b06f58c855707387bf4138d735565b0f08a6da5067ad94b73c90b7cef1c30ffa019864445f7fab87412cd7b5ab78a2175bed84a40a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 27a702681074d6733af69688fe8280d7 |
| SHA1 | e7f5cb4b5c2f4f2599e97dbdeb496df12b6c5977 |
| SHA256 | 09b82a159d980abc4a8d1b19e00f3e67b14e566ca0e82a8b0a7d03a14113d536 |
| SHA512 | a60b3292050c0e914acb2b02cfb5901acf0b11d9ab3d4e37e9142e25bf91c096afa57216e5f17ffd7dbda35b5f79f2c1a9e1b525279b3f92cb98f22ed9d2ad1f |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-01a570a3cd0a46f2\content\sounds\ouch.ogg
| MD5 | 9404c52d6f311da02d65d4320bfebb59 |
| SHA1 | 0b5b5c2e7c631894953d5828fec06bdf6adba55f |
| SHA256 | c9775e361392877d1d521d0450a5368ee92d37dc542bc5e514373c9d5003f317 |
| SHA512 | 22aa1acbcdcf56f571170d9c32fd0d025c50936387203a7827dbb925f352d2bc082a8a79db61c2d1f1795ad979e93367c80205d9141b73d806ae08fa089837c4 |
C:\Users\Admin\AppData\Local\Bloxstrap\Modifications\ClientSettings\ClientAppSettings.json
| MD5 | eab6dcc312473d43c2fa8cc41280d79c |
| SHA1 | b4e9ec7e579d06dfcaa5ac616de2751308a153c3 |
| SHA256 | 0a27d3c9100ab7ab6f03c45daeb0f0cd586f3aeb59daf7986e853f9614e954fe |
| SHA512 | 1ce0fdc237110d644bcc8238f184554f25813ccf7142fd312ce96fbb6659081db677b04485bf66d52100136da6bb9688e48b1287455725c7b4950153aa2a4595 |
C:\Users\Admin\AppData\Local\Bloxstrap\Versions\version-01a570a3cd0a46f2\RobloxPlayerBeta.dll
| MD5 | bcb2661dc6144c57b01993b000c43a48 |
| SHA1 | 7f3449a83580f62ee56a84bd3cf971cb913ababc |
| SHA256 | 6c15c616cf1f17896260a0aa8a30fa4ae177f323878e964291773b00545b7238 |
| SHA512 | 13d17601234c111098c56bbf70155e0dcf759aeca7a76c0edc13d4e26aa06de9fb64aee920c20387037f4c81d260d6d0b2e4a26cb0da85edf83282f1807eac65 |
memory/5464-5009-0x00007FFB9E8C0000-0x00007FFB9E8C9000-memory.dmp
memory/5464-5008-0x00007FFB9E830000-0x00007FFB9E860000-memory.dmp
memory/5464-5007-0x00007FFB9E830000-0x00007FFB9E860000-memory.dmp
memory/5464-5006-0x00007FFB9E830000-0x00007FFB9E860000-memory.dmp
memory/5464-5005-0x00007FFB9E830000-0x00007FFB9E860000-memory.dmp
memory/5464-5014-0x00007FFB9E470000-0x00007FFB9E490000-memory.dmp
memory/5464-5019-0x00007FFB9E560000-0x00007FFB9E56C000-memory.dmp
memory/5464-5017-0x00007FFB9E470000-0x00007FFB9E490000-memory.dmp
memory/5464-5018-0x00007FFB9E470000-0x00007FFB9E490000-memory.dmp
memory/5464-5016-0x00007FFB9E470000-0x00007FFB9E490000-memory.dmp
memory/5464-5015-0x00007FFB9E470000-0x00007FFB9E490000-memory.dmp
memory/5464-5013-0x00007FFB9E450000-0x00007FFB9E460000-memory.dmp
memory/5464-5012-0x00007FFB9E450000-0x00007FFB9E460000-memory.dmp
memory/5464-5011-0x00007FFB9E3C0000-0x00007FFB9E3D0000-memory.dmp
memory/5464-5010-0x00007FFB9E3C0000-0x00007FFB9E3D0000-memory.dmp
memory/5464-5029-0x00007FFB9C480000-0x00007FFB9C490000-memory.dmp
memory/5464-5028-0x00007FFB9C480000-0x00007FFB9C490000-memory.dmp
memory/5464-5027-0x00007FFB9C480000-0x00007FFB9C490000-memory.dmp
memory/5464-5026-0x00007FFB9C460000-0x00007FFB9C470000-memory.dmp
memory/5464-5038-0x00007FFB9D2F0000-0x00007FFB9D2FD000-memory.dmp
memory/5464-5054-0x00007FFB9BCF0000-0x00007FFB9BD10000-memory.dmp
memory/5464-5053-0x00007FFB9BCF0000-0x00007FFB9BD10000-memory.dmp
memory/5464-5052-0x00007FFB9BCF0000-0x00007FFB9BD10000-memory.dmp
memory/5464-5051-0x00007FFB9BCF0000-0x00007FFB9BD10000-memory.dmp
memory/5464-5050-0x00007FFB9BCC0000-0x00007FFB9BCD0000-memory.dmp
memory/5464-5049-0x00007FFB9BCC0000-0x00007FFB9BCD0000-memory.dmp
memory/5464-5048-0x00007FFB9BBB0000-0x00007FFB9BBC0000-memory.dmp
memory/5464-5047-0x00007FFB9BBB0000-0x00007FFB9BBC0000-memory.dmp
memory/5464-5063-0x00007FFB9E830000-0x00007FFB9E860000-memory.dmp
memory/5464-5062-0x00007FFB9E830000-0x00007FFB9E860000-memory.dmp
memory/5464-5061-0x00007FFB9E6B0000-0x00007FFB9E6B1000-memory.dmp
memory/5464-5060-0x00007FFB9BF30000-0x00007FFB9BF56000-memory.dmp
memory/5464-5059-0x00007FFB9BF30000-0x00007FFB9BF56000-memory.dmp
memory/5464-5058-0x00007FFB9BF30000-0x00007FFB9BF56000-memory.dmp
memory/5464-5057-0x00007FFB9BF30000-0x00007FFB9BF56000-memory.dmp
memory/5464-5056-0x00007FFB9BF30000-0x00007FFB9BF56000-memory.dmp
memory/5464-5055-0x00007FFB9BCF0000-0x00007FFB9BD10000-memory.dmp
memory/5464-5046-0x00007FFB9C6A0000-0x00007FFB9C6A9000-memory.dmp
memory/5464-5045-0x00007FFB9C6A0000-0x00007FFB9C6A9000-memory.dmp
memory/5464-5044-0x00007FFB9C6A0000-0x00007FFB9C6A9000-memory.dmp
memory/5464-5043-0x00007FFB9C6A0000-0x00007FFB9C6A9000-memory.dmp
memory/5464-5042-0x00007FFB9C6A0000-0x00007FFB9C6A9000-memory.dmp
memory/5464-5041-0x00007FFB9C680000-0x00007FFB9C690000-memory.dmp
memory/5464-5040-0x00007FFB9C680000-0x00007FFB9C690000-memory.dmp
memory/5464-5039-0x00007FFB9C680000-0x00007FFB9C690000-memory.dmp
memory/5464-5037-0x00007FFB9D2F0000-0x00007FFB9D2FD000-memory.dmp
memory/5464-5036-0x00007FFB9D2F0000-0x00007FFB9D2FD000-memory.dmp
memory/5464-5035-0x00007FFB9D2F0000-0x00007FFB9D2FD000-memory.dmp
memory/5464-5034-0x00007FFB9D2F0000-0x00007FFB9D2FD000-memory.dmp
memory/5464-5033-0x00007FFB9D2B0000-0x00007FFB9D2C0000-memory.dmp
memory/5464-5032-0x00007FFB9D2B0000-0x00007FFB9D2C0000-memory.dmp
memory/5464-5031-0x00007FFB9D240000-0x00007FFB9D250000-memory.dmp
memory/5464-5030-0x00007FFB9D240000-0x00007FFB9D250000-memory.dmp
memory/5464-5025-0x00007FFB9C460000-0x00007FFB9C470000-memory.dmp
memory/5464-5024-0x00007FFB9C460000-0x00007FFB9C470000-memory.dmp
memory/5464-5023-0x00007FFB9C2B0000-0x00007FFB9C2C0000-memory.dmp
memory/5464-5022-0x00007FFB9C2B0000-0x00007FFB9C2C0000-memory.dmp
memory/5464-5021-0x00007FFB9C140000-0x00007FFB9C150000-memory.dmp
memory/5464-5020-0x00007FFB9C140000-0x00007FFB9C150000-memory.dmp
memory/5464-5004-0x00007FFB9E830000-0x00007FFB9E860000-memory.dmp
memory/5464-5003-0x00007FFB9E7E0000-0x00007FFB9E7F0000-memory.dmp
memory/5464-5001-0x00007FFB9E6C0000-0x00007FFB9E6D0000-memory.dmp
memory/5464-5000-0x00007FFB9E6C0000-0x00007FFB9E6D0000-memory.dmp
memory/5464-5002-0x00007FFB9E7E0000-0x00007FFB9E7F0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 38a12ae06ca11fde0db97277ac2b644a |
| SHA1 | fce2a9385e2677b4d13c0a8323576013fafdc99a |
| SHA256 | 3a52e2b6ca9fc27d971759c0a0be1e57e106060b8d70352c8efaed3d983bd73f |
| SHA512 | 39df652018de1d970742bf62ac1f16c6bf2843b19bf8e8b0f50e517d1bb05f9752f57963e322125aa1b40fad707b9e2f61999f798ffc6976cd918d1f96aa0d26 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cbd683902f3337e90c8bc4793f82e6d6 |
| SHA1 | f9b9249a21620374cd1056b9df15d1b94f045f35 |
| SHA256 | 4c8b68fa6c27df93218fe73dcb166506575b37cab2cb07a73226b099a1020274 |
| SHA512 | e5e58df7c022c2b1d21846cae931f540ea88670180560a7cc1408473bac94256fb73b03c56f3932cc095904562c6bd909e7b92ec384e7b1843307c448ecbc66f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a4ea389fc42f23400886133523966e02 |
| SHA1 | 429b84ab16c82302af85075da9c239f854e0954c |
| SHA256 | e771794c8d3413d8c17c00a6fa147d1458dc2a550b8489ac5365c53bb363a570 |
| SHA512 | 70ac4f61d409b67ad446f1d1cf033044726c13921ca82971f5c8a3d4c40125a10015dc9f44f7e660929572aef18bfbe49e694d643e05377165c516ac6cc933d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000065
| MD5 | 3e552d017d45f8fd93b94cfc86f842f2 |
| SHA1 | dbeebe83854328e2575ff67259e3fb6704b17a47 |
| SHA256 | 27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6 |
| SHA512 | e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8bb6f536b5c0e0521d0cc530887143fd |
| SHA1 | d24edc58236f5e69881330848e99e14afeb941b9 |
| SHA256 | cbebbb23394a57eb01ec2079d5822a5064eb0c51a0538898124c47da5e8b6688 |
| SHA512 | ac3f8cb40056a14eea82e87d12199172b3ce3b95456ddccbe32bdb19715d560133f6d344be4befc8487d08b32de07631b9c0da5bdc40685eac8de702a47ddc4a |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | f46dd9f3201a27c7b3459aa9512fb82e |
| SHA1 | a7d093e8a34038c2ad9cd13a1946eda988a0c332 |
| SHA256 | ae35c4067b24d38d77730628e492117bae5398df4d026cc568086eccb007011a |
| SHA512 | 495925df89c30ec1dd4f6f7d11c220d9eb5bc81f6195ca774de0b99a4283a95dab7e5746dc6af9c4d7f4ac284b3e14412388cf0e792e81b86849b17c81316f10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ead9843ab90b741fc21527d122b70e88 |
| SHA1 | 6330c023a55df58b81d7666d3e1d0d2571d1969e |
| SHA256 | 22fe5f1fbd04e1b2f84fd185dc348af9307e28642baf6e80b8ea69db52cd2e14 |
| SHA512 | 3ba9f58ea7564145ebc54661fcf969ab2dcaec0e71d0ce25c1776a0ff010a52d1d10a1f40048fd2576452cf0d27e4252449f84faa51a2a59bd80237068dc70af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000064
| MD5 | 888c5fa4504182a0224b264a1fda0e73 |
| SHA1 | 65f058a7dead59a8063362241865526eb0148f16 |
| SHA256 | 7d757e510b1f0c4d44fd98cc0121da8ca4f44793f8583debdef300fb1dbd3715 |
| SHA512 | 1c165b9cf4687ff94a73f53624f00da24c5452a32c72f8f75257a7501bd450bff1becdc959c9c7536059e93eb87f2c022e313f145a41175e0b8663274ae6cc36 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 9724dbb8dcd43210457661391a1b9d6d |
| SHA1 | 617d1be16b6709785e0b61ae95e34aa4412a94c5 |
| SHA256 | d74d4f00853b766f1dc32898d3750dc64adbfe787fd13d02f2898ec693655e6c |
| SHA512 | 2617dd13d56247c75597d366fb358db10b57c1447a1df792ca561777f8d57765f309ea6293c948a140b42a2d1581aaf6a68fc8f8331ca3323e52c90c810bc6df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ea9b8918ad020319_0
| MD5 | 080db41ffcef35562fced7ad050e2043 |
| SHA1 | bfc6cb961f770eafddd1d912a8630900c62d1a77 |
| SHA256 | 253bd653fc171a8578899d72cc2a29e68125702c8b84a508d98e929d2c15bbe2 |
| SHA512 | b1b2e1136003bb14288f89255d978ae260b0be6f199f5492b5f45eb07489005310b92fca0cbfffea963b5db26e88af9e51b8098b04a62c2c5390dda54cae90e4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a3a80e24ba73b16_0
| MD5 | e58376439974a4110b25faa8fb9d1118 |
| SHA1 | 9a2ac3ebff9c7318e358963c7c06c7376654b763 |
| SHA256 | f67fa7055224e7ccd0f0c026f3906d9e57bfc79e883ac68a2899b4f739ccfd8d |
| SHA512 | 83649da000d5ac1dff9f957f461d36a895b0dfd2bfc856c8b9fc93d19614345b87eb83fbc8bb8a68cd5b869bbf8d347bb0c6d95e7707e7b9d8472fce5a5f9361 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b650d47f3dfd2d75178b0af252bcfabf |
| SHA1 | db2bf13618047c94caea0ca477cf9c8e6204752c |
| SHA256 | 15eac0e2d054a43f85caac0bb6c2ea759f874ae6eea8cccfd93077f62f70bff7 |
| SHA512 | d73fa7ad56b28c5846e605252983595cbcce6235d7a42034a0dca33818d82ab62d4118affe16e1909f68b3ae5be26d9546656d6cd025f33157382901eb60a077 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 98de60ab4b3ad18f8af1c6d7afe707f5 |
| SHA1 | 73b04db0b8c43671698d2ba5d18d4e1131556a8a |
| SHA256 | 50c4439966e4374d6f8dd9e3237d5b5028b011d05c46a8441a5de0b021b03a23 |
| SHA512 | 9fbfe80586e4c12d48c11fdd82a93389eac72ee905be8ea345a83f658ba5a3abee372d64881525a891590a7e20da9ba3201b8838847062831873465d926f9a73 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 6a2e48cf46bf9e410d5f53e47e700482 |
| SHA1 | 81364269689c36a74660defea3fd165ee073d53c |
| SHA256 | f204b07b3755c5bc22642f9a6d55f90455c44986479d3e8e99c5536615c6cefc |
| SHA512 | 2e6c911471a6e9d2fe5358668045a8760d9d8dc7786c425cd8511768de0942d8832521db25a92082f167cbf4088c4a84675ae7e76a78e1b9729d804d00b20fbe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8763a723da00288e06ad6ee18c050592 |
| SHA1 | b84ec931dd9e7d5a1125fad934f0cc077f8f56ee |
| SHA256 | 38c5cc3f8c4900c68c04d746c769313755f341044affcdf68bbb5a72315beab7 |
| SHA512 | c891ef28879dcb508a62705c9af193ee9234c93cd1f7396cdf2431ad832105eb150a1871a553df54d6a386ad270815bddbec4395e5ea5cbe4db4e9dc5d24650b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 24b52fd36488d166828c03c8926e3843 |
| SHA1 | 06ec6b4ec81965a30acd916745e585812bcfc3da |
| SHA256 | bf2fd362477a1c53e323982f83159d64551912535b175bb85ff2df7bd11c3c25 |
| SHA512 | 8a1a700c7c77d3faa8f46b8670559dd8d4d3dd427bf8815cb85fa7605d9e099b828adad8aceb9257aec3f1a28a31de2f17dd4451110362d2b0d5d6e1b5943b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3fbab1a16bb3adb104dedf7e50089c13 |
| SHA1 | d23836d863a72fb71c34103668360486a56da3f6 |
| SHA256 | be1d00e5b5b6d5d227d46a745e2a13c9833b850cbcaafc8a4a640e4170d28754 |
| SHA512 | 6308a3c5196f3a9c6745ff86d01ea4c088be2b23b5b6d55ee852c34c1c6ae9518e9e3a862550260bd9a67066f0144be5cb8a9f218bcd6726656304f3114d2e79 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 467c77939bc0c698b8cc93206333bf37 |
| SHA1 | 1d4ecedf7919685a2cd5677183c52d9a4cca595f |
| SHA256 | aa469c98692d9424c4e1c27d71b2940cb09597d04876acab5bddbacbfe776d45 |
| SHA512 | 42384a625d79c99ffaeb3bebea9e21151b57c8127f8a7bfcd92f86db551672167416c09f6b609e712c248e501b6d9c38dbd0e76202eac70947fbc9245cb938a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7916218271138b7d5f87c463983fb880 |
| SHA1 | 6b96c7d820479106b70d822232f46023f6c46cb1 |
| SHA256 | ae124431c02566a265ca9988ab203802acfc200f0e09260571fc4cf25bb6b64f |
| SHA512 | 3585675b0d5a8a7fb2de54b30571a7335371859f21b6c29796f499df5c4aaa642042a1468c2a6deee12b4472bf1b957641c8da00c971bb6c62fddffc081bb8d8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e4384637ddacf994_0
| MD5 | b6489e2591e68a00f351a16e2177c5b7 |
| SHA1 | 5f766cdaa4a6f6af7e03ff44774cc053060ae955 |
| SHA256 | c3e436554473c1a7324e7e1f2f88d80c251e0cd910fffeab614eebc753abe416 |
| SHA512 | 1e36565a9f3141fd5fb2c36ce5914a1c6bc90a702d62cc96a025ec8bbb4eb81dd3c82d2082192a9a44c43742e405822bac7c4f34ee0706f281079964f49e426e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006a
| MD5 | fc499a14bfd3627d99eadff22288a301 |
| SHA1 | c2762dcb325aebd4e539a6aa7f6fa1aeb908f75c |
| SHA256 | 05573c4cfeca82eb64293902c7e07ff9158d794f28b114d26d47a8cdcb931ee8 |
| SHA512 | 0d974bc3f40306594c77dbad4f659bd4fb358a3e55afb73f6cf237840c5bc6b48afbcb1fb64081ef15460160df5069ec199059901da39352ca6882e2eb4d7cf8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e8f6640eef188435_0
| MD5 | 2fe27f8463a40af25fae45b06e3e668a |
| SHA1 | 3407ed7a67ee11f67b9c5536b389e8ea6448f183 |
| SHA256 | 9526bb3260b8e7e5b7d6df31169a1dcabe680a03957d59f3cd3572c800ee19a2 |
| SHA512 | a11ee4946c19b933ea8ce7664816fceefa243a11180fd25f58bafa457aa60d852165ae6f85c1d3bd3b4c3dde2ba374c912bce764df1f96be7daa70127e10fcbd |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | f568daf23c9370659989aa4ab1cf389f |
| SHA1 | d1ec0c76a6925d8b17f9b8827ac68be451005c25 |
| SHA256 | 97a169132f5f77454251d89175af1d1d82e3eae0aa1fd3c408cfac9a1fe7a405 |
| SHA512 | 87a6c5fb8194725ca813bd90dba0ba8e7ce32cbabdb195f9f358a7465c3729fdcdc4e0a938a8716f73e1f2b64fb0e3a1ed89c50f20590840a999810c47373bf2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\580fd9376c2d4a3e_0
| MD5 | 879994f76eeb799a1df7f845703f3697 |
| SHA1 | e6cd7a0b43ed3052fccadf8be45d502be6835623 |
| SHA256 | 368838ad64e530e06e3ca15b5c352dbd21f17e37fe0ea0deec419f1ebe1818e6 |
| SHA512 | b62640a184c131504306d7dd5f8405cb59662a62ac6364e22eaca64279b0fe762cfdc654eb6ee9ca468cfe144e7c380df5449e72207991bb36ba65037aca100d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7e23bcf4dbf5c221_0
| MD5 | f3f5203e6eab68a5c2d6670cb699e98c |
| SHA1 | 987c746d7c52094cb0ce599422b368d1a0bc9424 |
| SHA256 | 2da5adce1ef28533a7155c3b18f66d7cd02f7917ef0500bc455e3b10d758d67b |
| SHA512 | f51f142a6b6b177d3b1a1c78686f408d25812f011623b105538f32c7aa42115a0dadf060951fa3f6228787cfe53b07b4a2c3c8fdea4110b341fdd1161fc370fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\695c42f61090a800_0
| MD5 | 2ace437bb110ff5a55c97f359e00b81b |
| SHA1 | 53f5d212d4f350db0dcc0efb48c7026bb1570bad |
| SHA256 | c1ad5cb24177c918ed1709c67234d767772720f537019affdbe21098069fd1d4 |
| SHA512 | 3056f710b8831491f6d71fb45cc36a6efd4c787df1c8334eb4ef4d5601a5b31c20851f7d162b80fd1de287f614776410e147ead3ca364717bb30b506fac8feb9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3f02c4494b1a18ff_0
| MD5 | 85c0d946a4165bf18f4f42cdbf8e988f |
| SHA1 | 03823a5dffcf192f9ec2f4638f657097d9a08f57 |
| SHA256 | 143b393af450e725e78eb07e267db083dd7cb319ab574c4146f429e0a4e9bc6d |
| SHA512 | da56b1fc38452636cf9c8235cb6b0a495690df2f64ae7830ffde84737941cb4beefc3b15eb8e33ea64ee37df331ddf21f0ba0b63b2777ecf708bcbe328422282 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8ee73a31bd0cce7d_0
| MD5 | 2e66071f90e5f0700aec513bee734b9d |
| SHA1 | 8ab88e1c931c6d3a6761bfe0a54be5d8aebdd40b |
| SHA256 | 8afa6b73bd494635c8b71f940d720046ee2e70c42517c8acb1f4bdec3b6ca064 |
| SHA512 | 9b86c6549cc0eb967299200ee42808d53be766fa0f15d847fb8ae55b15e216de3e1790c4d4d69a5577124754cea3282b7017f150ec45b2bd4697e3bba6396341 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\90a3024039060f37_0
| MD5 | 34da317565c2ced9dbec9ced837e4d9c |
| SHA1 | b084362d43255f38753af37d8bee98747da1b290 |
| SHA256 | c0d5bd92a11d582d1bb0e8ae3279ef9d50e3a5952508b3dc0ccebac11c1a38b9 |
| SHA512 | 96f0f103d089f261969c878e5dcf29a9dadaa4cfd3517d6eac8c6d64420bbee1073e26e5f1185953103e29282efd76a9b20353bae72997fb728b63a84c600b4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d7a29efad91a1117_0
| MD5 | 198aabf2dc57111af3ce1f5b321b1612 |
| SHA1 | ce026a176c34618004e59c548ebd7d3071372b0a |
| SHA256 | fc9b17bbc0ca0f23316fcb4dccd3447b6ecf901a44a14de6538ea0c464317643 |
| SHA512 | 72242389451c87e515b900698e27aa4394cbfc82df895435e798402092b0d6a975ddf2cae45fd1cab37e06b30ccd481e455d336698c19ae6ff06b0d19f1fde1f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a614899219c1f2bb_0
| MD5 | 1fa68c8e0298fa5b490f54bb9a466a95 |
| SHA1 | a7b71618dd13b142f3d11f6eeaa46d4b0301d0a3 |
| SHA256 | 70853d11ed7a10ee101ba63f8a096d76747324065084d300b37c283602d067ae |
| SHA512 | 7563be3e066d70cc8692275bef2f1b589e87d361c294089ed22acdad2f9aa82a8a99f1980f305422b0850098ac8d6e15b0130c148e39190b2b615ef643f6a37b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bfd9b5c29c5c8524_0
| MD5 | cc311dca82bcf1cb2c6e0ddb2f2f05db |
| SHA1 | 5745c125aac0686f24f61702c6989e11fb6fa0c6 |
| SHA256 | 9e8e1c9f39105b0193848cb17aa7a3e3cb10e590906a50bac56e515d74d79eea |
| SHA512 | e05251e3a7d2d5e1023cf63fbdd1735018487420daa02cf4364eaa38ef949db785860aed9cd19ed24bd6279fcac0653d654b18b57d88fa2001d764ad1f104154 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c8ebabdf2ca951b6_0
| MD5 | 7b1b9dc862fa338134198a1fd087e76a |
| SHA1 | a13c6f35f9d866d451df9d0523504b5786040157 |
| SHA256 | 9cfa27a21469f47d3e0a4fb7970d5ed15b8bd23331de6090bb70cdbd5a67b25e |
| SHA512 | 5271d8a33fe45f53ab528857e651c2857f24ac23d57b6e926130535ab5dc9c9c666af40ce30b7274d966b490a36537fe0b94042a5c0ad47473fc0f717337fa80 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e504183595893c5c_0
| MD5 | 7c471d9d0a7feafc503204e7e5589d6f |
| SHA1 | e8117056b56b5a086506d615f7ea8342ba27bbeb |
| SHA256 | 9f57b64e4698706fe006889f87d27e3afd01c0fc044a23084fe450b7dc18ae32 |
| SHA512 | dc24ab0ae30703ad4500a152a02e0a25ce2c8b5f65fe55824ac0572cde39cc4779c5987f0bdb2ebfba31f3066bb6ed40f36e590e3439fed153189bf560ea9f9e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\74b88724f60b0383_0
| MD5 | 1ed5a2270bbfa74819a2c7c4a539410b |
| SHA1 | 10ff3260fc683461fe27a8e029f8beee70d6b271 |
| SHA256 | 27e5d8e05082532eb2f84749e52dd0a61b823312fb0495dabc2da42654f4d47e |
| SHA512 | 2d31111a494495174a96340f0af5ec8901a81a595777b8062226307758ae62e83952a0888e28aac573f5ff2977cee8a40e19fe4a4020fb40aa9b5f8023d57eac |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45a16ff6d0d9ab5f_0
| MD5 | bc1cb46b7571ef3fd865d551826ceeaa |
| SHA1 | 449272f09532cdf087f6ba31c29d2c25798a9ccd |
| SHA256 | ee45fd1ed45e68ad9f53f57c46c7bf901293e0115c0d729c87bc675aad4cfb13 |
| SHA512 | 349683bc02ad907f24da6c20b383fb23e869f9b89dbd6865139e066e154aa9cfaca07dab434ae8314d14ab53b47dbc8cbe625a61ec95ea5359276395e37f8b46 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0
| MD5 | 0da865fd46d508736944fbcb39769e91 |
| SHA1 | c25d74305226205468c1f51b20bdcdab236d7189 |
| SHA256 | 5d36883628eabb28aa54669bfc71d29ae2c59e4fc7e5da1d0a1f8841f466975f |
| SHA512 | 24f209908cd91c61e932c06b09c5c58410ee0d170d9c49de68e8ebb428c50331334c0b06fb6793cb3c51eb71bfd9a6f6216919bc62688390f369b5e08c6539fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f89251fac2b69325_0
| MD5 | 94ade34dc9803b0ce4b55b9d49306a90 |
| SHA1 | 9e10c5d93ab54e22414bbe3445f872ef483f0db7 |
| SHA256 | 7280a3ff515b67121133f2375cb4fd31229abb62678f91051d7d5cce5b501734 |
| SHA512 | 1297c5764cafa75a4f051aeab9cb1a418a101efd3b740724a7fa929b29e38c78b1f2916882b41835e1d7068cebc9668aed9a2f49aa1190d739b36e8e10ae7cae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0
| MD5 | c446a3e8b97bebad5a6e0e40e8ffbcce |
| SHA1 | 716298fa4f1616b3b2d37d58b53b5f3d23e4453e |
| SHA256 | db582f1e25592be39005527e233b674caf29eab1603b0693db672d6158483102 |
| SHA512 | 818e73f1a5317fcd39634f3d4484247e2e8993f90ee8b49e9cf0018b771aafbd3b4dc400b8518628317ffcef478fd7f33c917c56d798855a0ffe6543c5eae3dd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0
| MD5 | 39252f8813948fe71e97d33b96913244 |
| SHA1 | fc87584bd4c6bb183c9dfeb65f0e96f5cfcda838 |
| SHA256 | 800fe83b6e93d91c73c57b8c697190eacd322680bb8b133ff47d2da6aa0cf0f5 |
| SHA512 | 70732ee00035f7c90c60ed121837affb398f06c351e53f1f45cdab09262c687d9053dd9332eeb7da0c845fbd7a51454aff068f7cc9998cad85dcf7ae710e1840 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b2a2ea4987d45e0f_0
| MD5 | ae9f1ed1a226a472e241e00643f64012 |
| SHA1 | 26504f8fb7a0a47a5e16c3b876741fd7719289a1 |
| SHA256 | 7af36d33336c441a278644d8fb794758e1ce5394bf67c7c0226ea20a71c8fc79 |
| SHA512 | 03722ac7da6e4f2e6b08151fbb1a789a658d14cba40ad5d8d8901d1d3300ef125c4579a711141baced40276f92e8a5389f320747999c881e7fca847db8b07487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\83d6d3a772bbc707_0
| MD5 | f53da65ec373335072e06d79d14003fd |
| SHA1 | 44ed770e8f9cf61f6cabcb191bbff939ba90175f |
| SHA256 | 1f3169a185120ab74d0320156f1c9f1658fc16f858d36d5f3c085b80b9c78d45 |
| SHA512 | bdb6d042a41359f3848751d29b502e9b97b426d818d365c0acd5e736804b09ff1aa598b162a2804fb006d5d759a8e026d4e1dce4c700509e7a4d1c2ad77d0a32 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06450eb6a7b09545_0
| MD5 | ad397a7ccab7c1d647e2a33436ccc37d |
| SHA1 | ddb5ca2079aa70787cc267c1a4e5b3cc6360ae1b |
| SHA256 | 9eedd3bb796fbb3272c4ccdc675d6a243831a9eea608eda371f06396e13ff88a |
| SHA512 | 66b57aca426c8fbe0da51bb4b86a22751fa4ee3833d11a05271dd569fbe9815cb8ef15a03fcbce70fce6b63a6a614cf247540196018a17243f79a67d7898d150 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e55f0a6d1b533c66_0
| MD5 | a331dea1afceec58f7ee0f91285902aa |
| SHA1 | 0946cfac937205155dd050fdd30d4621cc042d5b |
| SHA256 | 2dfbfb0421bbbd97bd0e9a4cc4dcb93644b174af534d46a5d0e6ec3255915b0b |
| SHA512 | 2abd8ed40741a35376853d5ff4570a77c5c512a7f955ce85dcc3e1ce679fa707bb30013452dee6a465e941916cb47ee0ef8faf6a67acbf37088176f1a4ad263c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2e4bbad99a372cc_0
| MD5 | 033e0129c351a07cbe81f17a3af4e1f3 |
| SHA1 | 3e82811a2fb2634fdc133bb5a6974d001563f33a |
| SHA256 | 1faa23406797177a74750daf3940b7a3537c557bd95375c1024aa72073959a6f |
| SHA512 | e1f9d2e4da85e4194bad0dfea0cc53e99b995b900c644c01b0172ea5466e188bba72dc6c7da513bfeeef939ff7d33e8b5cbe050f1f976ce57ae97fe2d49e50b9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a267b7c21d8b8c9c_0
| MD5 | 41f902e2c95dbc07c8eebcf208095613 |
| SHA1 | 426d6d99f13f9764ae738477485ba03152a8ea5f |
| SHA256 | 07e73cc69c82835056a1339f5e7f4ad4840509fcb3686e330ab705e3d7136371 |
| SHA512 | e9d66cd260b3d0e2cd074a6378d12f0d09a7966b61280b223afbea059cced63254bd1c6e8449853bcee26c43e47fb8572cb5ae4f133914c56e78b780d14bdbed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3fa2fcf4fc0765ae_0
| MD5 | 81709bae8cafb9ec5d8dc69ef8ee273a |
| SHA1 | 54ca4ad4213d9d199f544e2b0ede2271fbaa4b4f |
| SHA256 | 05b415067854365b5b292eee58d35c5d04bd2bb90ada7b1865beafb9b9656e82 |
| SHA512 | ec5d2a8df671c78197f4f13597e0447b58fa7c3239792f87cf259c348a9f29f692f6699841864788662ed91db51f1e4601cc350cca2d2a2401e9143af19f8ae7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d3dbb3008455b523_0
| MD5 | 26763dd168bf647c857bd00aa142c237 |
| SHA1 | b551385f407f299b7c73dcb53c6e7199882e2881 |
| SHA256 | b25172a94befd4f1a1e6a95f3d16454eb7e9475126ad241e89a7687787ba1be8 |
| SHA512 | aaa3f8f069a2f90801078aebcbcfd5c18b03be3f093be0a3df7cde6c50586252082ab01bd3ae0e2feb8ca83a33060f7c183f95516356c4770a467e84b5ab6c36 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a09f6271ad0c4092_0
| MD5 | 53da3bf0a740b919b0c85bd14dafabf4 |
| SHA1 | 437234c3f1c86da8f0f25e6d089be15ec239c112 |
| SHA256 | dd480194df6d03c3cc61d0c921aa7a046160babf79b617bfe4a168ae7e63e69f |
| SHA512 | 81ad5cab9b6cd532f3cf2c52191c575036c7d6f13a4756d9afd73050c989950f87e942ce0aeb146e14435cc488be28e70c62c9de0219f7e83d4c23f82ad8e4be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9aee5cd509922cea_0
| MD5 | 53c72f0b273b11161849d4085382771f |
| SHA1 | 177d3ac0e94fd36004aaa9428105131d9dc7a3f6 |
| SHA256 | b5643f6939142de287fa51c5358b1c2d39b85853e1ff23680787724ba877defb |
| SHA512 | 6c16f5a18443a2e37d2c9df43cadcb6e7d93d52af0fc6fa3a0904ef5c18c656604e6080832cd1a68fc198caf543903ad324646360bf365467124faf75bd5772f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ac9b40a0411376f7_0
| MD5 | 4d0eb2537e4997b1684860c6b62d2e6e |
| SHA1 | d6f46748d5ac616247d0054caf10cea7b9fb74c7 |
| SHA256 | 8630f38e9d25b96d192149f649a6abc928f19b3736009f1747afe18fa2add403 |
| SHA512 | 00432c8290a6c5169a8212d0dfe856409d88b420c8b2eece59f2d6c7def6af6668ce2587c08a3ad4e33a82ebd5e8fdc361055da4dd245869645524d2fee88eaa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\54621936eea23565_0
| MD5 | 3ceb5dbe8947f88be424e65bdcf3d445 |
| SHA1 | ce56b5bd56a7b6dc7e5f31c4e70f6f04b0732233 |
| SHA256 | de1cb9ba1abfa4ebf4dbce6172278fc8a7a5ca610bc19d69fd22cf31b8468868 |
| SHA512 | 277c54019bc9d6c8b14a526fad6086ad713b2059e3d939d7c6c6d81355793f85c8dd744e33db5a4b07826121c6441bf14685700dafc58820fd036ea1e34fa2c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a51ef587dc6dd4bd_0
| MD5 | dd4671a31f1558b5b5d2c1e4cc6083a6 |
| SHA1 | 38e8592af41206bb292e0119d874b2ab5ab47a2c |
| SHA256 | 1cff9edf7cf1b5e296241c5a2ec319f80307f963363e0105e3afc5a5b2a61ce1 |
| SHA512 | 7259e152bf9f7c24c20779cd61f937a4b629af0c3d4be856ecc498e1bc858bf09f55450a0f248aee26d5f755debd03363434cb337aaa3bfcc5af9fab044e00be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000078
| MD5 | aec3e63e4b3f064cf494d382569c22ed |
| SHA1 | 78c49640dda7a4b50faeb6e667f4d3253ccd258a |
| SHA256 | 48d0685d9f0a5c480d5d1eb6ba7b4145fc05650909789ad1bc4ff7c0b80cea9f |
| SHA512 | f300073daa87fd1fde5127288d550e7b7cb8f04b1be7e051cc62e916003cf1f5dc4eac4d2d10c777167c476af86b000b98154433e10675a3ec7aa2f96c92281d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daca09b4eb185a45_0
| MD5 | 58727053b85b77dbc4366fa7539509e5 |
| SHA1 | eba37b20cd2672245f8be4510de2e8d86be1957c |
| SHA256 | c626be64f8f0fc7b6f69a4797ee3258b0dea845447694f67afe944c35203d455 |
| SHA512 | b302e7dcd79528f9228f9bad095d823bc85e2917608acbefe7dc358b85dbec3e5a10409745b2e9fdbb828b3fd061f6ab552c174d114570446ae52c3f9a7b918e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e894f22602acda27_0
| MD5 | e4cbbefd585054e899e68fd1d8ef7a35 |
| SHA1 | a43aebbccf7eaa2e64aff2bc04947eb74e82c786 |
| SHA256 | dc15b2d47ddffa5567cc823431ff18eeaf9e5d5ccabda8fa52c618c548a6ed04 |
| SHA512 | 695644073d2ba83eba4c05cb9bf8a876b0d61ae0ac0b7680ef6a57d70baf82154c26ae2e4483d99889759d53d52fcd5c9347aadcc40c25cfac96108e07cfd29e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f4cd1d1d887caff0_0
| MD5 | 6832113eb2182b2edf68b09dfb58ac20 |
| SHA1 | 4fe6d8610bc8b16e9e24e0672d6a9a64c28a9837 |
| SHA256 | b9567079ef8cf6047aa81e4f50cb5af8be6863150b4c973edad00f0fb3bfcea1 |
| SHA512 | 004596c2d2e6bcc2a7bbaa44bf49670e60513bb5a96e6ef9e7674f81d4f419ed8f9f11abd9dd968d88f0ec0eecbc0fd014372b79d0cda63e5647d1740774d35a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 85ad01aaacdcd7209a7985992fb60690 |
| SHA1 | 3b953ef536ff67dc255af5b1e4cdeedff7cff9f3 |
| SHA256 | 7e815b13f47fbb415113e248c8d761c8b140da4c63dbfed36f1b78f78d5fea38 |
| SHA512 | ce3e9b6a674ca06e83e7ac4a589c2adfeae6fc5daa4f9fe0cdc9535ae8befad74e478baba2b6aafacd0ebe7e1bc493e62ea33c2f0e87c838f38f6da545c2c545 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 040aafb8a95130ddfc32ca3d5f136900 |
| SHA1 | 4ac6d718e135b344b7187554f50a81a393603174 |
| SHA256 | b14f7a3aad12b4fdca2c93a084df4424717a049f9000c03bd4a42e1ff6229fe8 |
| SHA512 | 68f39e1a127aa267a813c6e2724e10ffaef48e52174eecd8e5eb8708c8e1250392c3d1f0f6edf17f7a2d533d6881603c4f76dab6508535a39223002d3c446125 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e6c247c9608c35b7_0
| MD5 | 7a14b6c871470f67ce591cc34a860f12 |
| SHA1 | 0dd67c078c21017b06301acb3abcf933c6d157b2 |
| SHA256 | c345c118117d8f0d1a79f2c6cafbb84047e18cdf9aeb16703283938aacb2ac31 |
| SHA512 | 36b9ce93cbd4d916764e83d00c2e36d207e46e568f99ae9b77c85a141bfb3083cb95e93f515f1022a5bb42e966ed7937dbd1c10c784438cb58cac351d4cf2c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\47d4e623e47f5bdd_0
| MD5 | 4e98df39a0dd7fc679fe8a6afb7a606f |
| SHA1 | 116d87da074e5c7f7e381293f652c8ad698c47bf |
| SHA256 | d9975233aca89290be1efc6da37feb4720a5ecc61878d4943af52d546cfb0f1a |
| SHA512 | 135394319a4438d4c2888225f3910ad5a5c79ad515ea8ee1ecc0a95974ce87d349e0f716102d4ce47625fa2acf89ea20c9039733ffff0751ebeacd40f0239df2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ba208775fb5fe09_0
| MD5 | 79a9cb2a5292a4d04899bccd329cd31e |
| SHA1 | 4b5c45ca1614af365a4990877502f0304ae9e540 |
| SHA256 | 7d7e77faa18ea8d54ba375e34abff4573e3ca0f52e027244818d8d0e9dc3568c |
| SHA512 | a596b2ef4beae222f27663d24611b56725de5e9972a3f868f1a62a45ece765b4af88d13b5466721396f7769187a410ec6446a425a032d54c3303e2c0f1b26b91 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\88a4573f8814656c_0
| MD5 | beb8938810014aa38c426411c11ccbe7 |
| SHA1 | c713bc095686e610d45d47b646a503f280cd93cb |
| SHA256 | b5f6c08754f6cd68314917ee6bbe33ffd82ae0212ebc1b612882d2810b90ac3d |
| SHA512 | ec9c2cbbb3002fc87ccce868d336e7bd1f2ff9556a534eef10d653d069dded4a6292e65e3b78f45d6b8354f70fd4a01c906bbcba9675e1aada13325019ba2434 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9c0109f54c03223c_0
| MD5 | 5e1a496cb4637d90873fcb82b09bd2b4 |
| SHA1 | 9cf17687dcb665f9558ad92e4c2ecc69e0bcac9b |
| SHA256 | fb1d3d84b0bfe606e4213429ad0812e8df288b5c213906906b03ca4c16f99a6e |
| SHA512 | 03b85a1f6760e2b671083d21f37a8251ee07d3d9870c9d641627cee8a3b6fc9dd9289b3bf7596d99097d766b6f22cf60cf06999f425f38dce5dc0fa56ee3c8dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\853a29087a6885da_0
| MD5 | b1466b37c1d93fa14eef48bef69d5a00 |
| SHA1 | 068a3884e38b49eb4d1f8b4277c53a0603bb4aca |
| SHA256 | 496b2356b237dd8645565215d347e2fb90fb7d1832d7a3f5fa1f1f056168080d |
| SHA512 | 8d218a5f29bcc1a43a4b521bef0df0eedeedfbcf4fea9b7bbb2869ed27a2ccd53dcc8b1c57dd9f622b5dbdd04b0206abf84d0b614058c6bcdf4bb0ef20980b0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b1d7d09e2437e8ee_0
| MD5 | 0b8c488a230422d120a526d8ff2335eb |
| SHA1 | 1f42b48c050f1ea7cb06dc2aca0d59a83417cd65 |
| SHA256 | 28b6c6a1f02218314da7f1dec60e3c83ec8addb798da185a768f6f2620ed1b4e |
| SHA512 | 87c3a5d29b6918fcfaf744c8efb2bfff1000e917bcefe66d9f124331061e3b5733e9de37545914ffade398735dbb6400fd202c340362478735d252e0cfa93fe6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ae8d0b05a4b538df_0
| MD5 | 448e154359bff432f939fa59dcfaffcf |
| SHA1 | 521a5e3f5067385f02c98bc48aff101a00d2d992 |
| SHA256 | 37daf57d06f0b8f9330bdbee00472154e5beeb16c3600d4ba045df510197981e |
| SHA512 | 6e39407e686648cd16d4ef166a811b274ed429b1707ac1ecdeb9f4449717cf3fcb3c17829fd9565a4d5a7a573516dd8f631b16b74764e5a92f447b74df961c50 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aa20c296787a3f88_0
| MD5 | ba806c576a3e413064de899767363d75 |
| SHA1 | 3d2847dd020bf1e77ffa3e893df424b9bd802509 |
| SHA256 | f48154afd2b7339005b5d1ee7d060c72ef6d140f6717f48272e3408f5a85b29d |
| SHA512 | 96a94f6b97edec188ade610c88415a20fbde890f429025ea85a13ddc6a2ea3b3ab58994725f169985c3582986a960ed7ed4caddafd416fed9e7de489ebffbac0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5b2f11f3f15a5775_0
| MD5 | a90602e3c7d98b0a0a1b1d04d9edc410 |
| SHA1 | 6a6e2bb6ba896be1839a4ee588d910a17f2f860b |
| SHA256 | 6c58ea4923d58a9963722e7f6e778e1319295bb771be954d10309b997a5f5a93 |
| SHA512 | 54d3e57736ee289417fce93ebf27dd59285cdd270c7f76a1a26f79f8b1c87b123c5e04fe89604236480fb0a0befe4e5ff549932e61377b223a994c66b992de4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3557d97bacb52931_0
| MD5 | ca6fa8ad3a43508f04d4a76c5fcac93d |
| SHA1 | 8ebf3eacdf3ae7390af234b0a969158edc62fc08 |
| SHA256 | e82ad8581ef1facd56c39c8a7314345a9e4ea22eff3dd047ae3bd452a797bbab |
| SHA512 | d4b0674981d5bc9d9edb45a06d9d701967cf069e5dbedd6f1ac8abe486075584e0a437c476d9abc120ea4dda62e324d723a8a5dde2710fc7cfff102c027e8c23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f078f5fb70fd150f_0
| MD5 | d465812cd62f03ea9fd8dd7f39f0e006 |
| SHA1 | 549e8d31b00ec84db7316d72d993f0e424d0f18a |
| SHA256 | 208a0567660a0c5de666eac92f02327a92c16098a5a937d70be2b06fd9564f13 |
| SHA512 | ff2cd671b2842a24829fa36d62177391b9708a8d3c3bd69049193001b39827cf814fdfa66004bf4e9d7ff13e02e9479c027836a87679df82cfa29c5831aaa903 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a66a1246c4f29f4_0
| MD5 | da18627bcb9ea609eb0f39765492cee9 |
| SHA1 | cfa72310757bc9ea846935e5bc0727e2709f6977 |
| SHA256 | f26917879853fca582a79078d9d702ca680328c3d093690bf3787983cfaf1104 |
| SHA512 | b8624da8b8f87ae2285ffabd21f40480176be6e94c6c9a803e2dbdc7fdd3a89a7adb8bf179bb9117faf42aa87475cea5b21c29a457a40be24cab8184cad86d0f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\14ff8116b518ca2d_0
| MD5 | 6d5a7765628d0ef89232db725eb416d9 |
| SHA1 | ea55f498233e15730ff49bcb7476ebc5c44fb8ba |
| SHA256 | df8bc348b3696ddc01ea640060c34ab86048e62c80a402c3088536629ef40174 |
| SHA512 | feee312b9dc75286ae620259d9c769e98af99aca02ab2a89196a8b75eb33a6cf9dbc9c0211c0ee009a3a0bef82ade7d3e022d28683497612ba90a5c890434c5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d00019f29c31fea5_0
| MD5 | 532953e758b1fc98eebec79e50e13fb7 |
| SHA1 | ea5e129ea61a6357b5d8470cc02771500a01ae4f |
| SHA256 | f440b525a7cefa2b5c51fdcb3b87a33a6c5e512e20aac21cc72dc7fcd393b80a |
| SHA512 | 8b431827280ae0d94dd9c3273132297f0e00621e922edb209560f259547bbb0b803f22aae84f8c589f67060c36cb89246be3cded882a21c78fb62d436d47f821 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c33e264ced11fdf7_0
| MD5 | d95df7cedbb8203decfd1fbe24801a70 |
| SHA1 | d3b5ba50c3367d766ce50fc2dde8d83f7f2db6f6 |
| SHA256 | 43b86f2afc48822f72b8d1d08c471dd3c040d0fdeeb49313f8281dce5020b208 |
| SHA512 | f9114ac80b7e3800475293b330db8737e43657478481eec5981ddb0adeaca3199909b31e1be091943ddd8e7bb059d225637f5ce637c7274270d1911ed93af9d7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\edb3b6840a8ddc0a_0
| MD5 | eaed2a2b65dc8d88fe9a75418c742ca7 |
| SHA1 | c38fa9eaedf6cc91b441d9809452757a5d61bf39 |
| SHA256 | f6f47dc08ba3303fc7bcc3e4f6095bc713279a7e0189ad49e5a4e0e4e630be1e |
| SHA512 | 1b8269c190c262d6ba130244696e3376ef902b3ab6195a8ec68c737188cdada7731aba940452b5ddf3cc77bdbe77d0d15d9767131e7a84072618695466c3320a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8e5987d08f7b6e11_0
| MD5 | 0432f111b14da4e6c8f78fb4d43315ad |
| SHA1 | 26e4f6b72610b8c431c44a8f21cba74138186f71 |
| SHA256 | 901516fb74ff238c7b280d32f0c1bef3722afa8ffa603579aa826bd6569dfe96 |
| SHA512 | 26e3ecc5159145b7102213276a60750128a25f2492e9920fe752de5bbab91abb141dcf2109d813cba2154acd2cb8e540bb24db0545f91ba600382223ad7c6011 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f9af4bacc442d47e_0
| MD5 | f6facccca87cb243d8cb3600d2a977de |
| SHA1 | 38bfdd406e40c133d012fbe58318a6740a1b93e0 |
| SHA256 | 7c4340ac1d5d4ed05e98825f48fa1e88d94e6946ecf315086155d1a333e60c68 |
| SHA512 | 946e5823088608cee06cc4dc08dc620546728da95a7186b8573147718ac91440bc95d694efc4cc6611303abce71156b1827b3dadff37694173f73ad75d403104 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\632e260441be7404_0
| MD5 | 223ac7947db852bd204250ab9f5a8635 |
| SHA1 | ea083c9749f9cc8adba4d934c3cc773944b6293e |
| SHA256 | ae680141df4e18decec2020cc3a2c20ec2237e4c72784416bbb4a8611e076ab6 |
| SHA512 | 8a2d36b41e9a7912f51b97f4cfc8a496b569344235fad4fa9127c6053780d72826a9dda02f142baa860092fb583c77afab5f315634cd7543a5c86061ff9868c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1860851168a17773_0
| MD5 | 11b3ee343fc7c66c3a5e2667cb6126ce |
| SHA1 | 22cdc67c6be6decf02d4ef6ab610ca76ca616f13 |
| SHA256 | ea4446d25b934c48ce76761bdf3b41a37644951d94341a959a932b2ff01c9042 |
| SHA512 | 1d190520e0760d4c1e0bb3996f98288eade4570a9e59cba92b0c56b8d927fde0e1d58a88ba1f358b2100045a802393a9ba60ef683e3e5dbfea796eb1b99870bf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a6537dab24e365f9_0
| MD5 | 0fad7dde185e994093efe72bf8b391e0 |
| SHA1 | 744d11b5c842945ea9e9b89be2f52c91541c0bfb |
| SHA256 | efd0aabfc33dace017029c4824c11ef59c638e3189c5c3f861dafa392a372bfc |
| SHA512 | 868c69541e11ef84a35258832d7be0641ed82b457f907b74eaa6d131d59f1bd0f27616d4ab527f17489adb4ad7ac464581054f1b23f6d961bdfcfc9911640148 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1927a26afb9a8b4a_0
| MD5 | a06a428b15f2015e98d230aaca84eee2 |
| SHA1 | 6e10564ce69225dd0885edd41f237792692e1e87 |
| SHA256 | 62bff18e024bd4241162ddfc1ede312584b5115b6199d64c25b260aadc8ac7ab |
| SHA512 | 21a657926ebb78ee9f8627916bdb4aa258ef836af6cfa57b77634407fec4f9efaa757f5bdeb282bdeec98ee234e7dd4439524c280adafc6ce55ce882ced06534 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daea348421cbc209_0
| MD5 | 88db0c6df0e45c9c96b67652da0c3d1e |
| SHA1 | 2192291b5304cd276011f7f38dfaaaea4d260dd0 |
| SHA256 | 4efaf352302b2200209185dc8d61f7090711641bdd121c3466a3898cc16e3b5b |
| SHA512 | c61792bac45214a7d59936c6d4910576e8e01c0b188b5d2426cff99e627faf09579033292fb49fb9cae3eafe1154b4903b7bddad9bbd33f27e3b86ed211a4046 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\JumpListIconsRecentClosed\395a4188-a414-42e8-9db5-cba320412ca4.tmp
| MD5 | a36e9e4606a1a5ee16ea8104cf1a5c7b |
| SHA1 | e9fdbd0d5e058441e42da0a9443c10b08b4501a1 |
| SHA256 | 226522107a0e534d988a5cdff6b410f66d4f26b03ce28ea915041920f7f4047b |
| SHA512 | 12ed66f9f12dcbac9bdfa98c5ec58ee6d6abe8327cde11fdde47e838ad0dfc21ae37f48d0bea85d6aa126553e560e2de0433151f6a5d2dd3223850423f931ce7 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | cd75592b5b3696b9b96c276c1c6fc4a1 |
| SHA1 | 0075dd8e6698ad2f9a67330882da73c8d8b5b6d1 |
| SHA256 | e55e554895fa1366318e69ee91d15b3bc8f315c3d03bfa90ae054130b096c32e |
| SHA512 | edd8d28fc896c616c7128d9c05afeac5e24993e0238ddde61007ec7b3159512d04059a0420b71c05a5facac28124f9c273d981b784ad97c9c1038efc16c23ba5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4bac6bc85c99fbb72f0d50165a5c6d10 |
| SHA1 | ba836d5acb0092ccda5fc32e42991c999bbc0cef |
| SHA256 | 39f91f74b3a7a46f355fffd3ed87131adf1482d29c4fd42fb21b4023d3f32fd9 |
| SHA512 | db5a60035c6568d9c7cb8ca9089954d737489a8a644d0525904c49183b2dd580233257f43c3ff4e4f4553c5c430697247cb61473ad9edf4e1fada92b60244e28 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 87faceefb2f66bfc91237202913f0e5a |
| SHA1 | dd1fc64c7b9335583575678c44c93f17a09bbbdf |
| SHA256 | 95f580a46b67402d3d842dbe09269741eff157b0ca0a7de4cf0535a635318ae4 |
| SHA512 | 67e60c45d4ff3fa292c6a7a77d1fee6f4f053acc5f9eecf3c871f7cef68c406e29a3130b21560cfc72a30c42146c238afee2ab7568e6107aefa4c8ce6e403c9b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | fe6d9497e3f8ed259e9c49e670893248 |
| SHA1 | 3cfa59252edf787cbf1ae76589ed357b544079aa |
| SHA256 | 66641cc388c8114c8e425cd3ef56ef07ce21dbdace38e4dd37e8fcbdc8ec54f0 |
| SHA512 | 49fa9e98aaa27db57130325498f80c41a55203b0b15a3db1fe97676856041173921484a196fde7f87f4ed73432af073fe0f575851f9f589d04a372496d5d862e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5da5e7.TMP
| MD5 | fb7a85d6b9432debf622134cd52e496a |
| SHA1 | 834bb4a5af84457d380e899e7678abdae20d8643 |
| SHA256 | 154e7b0138f257c1f98f65cd4e1b87144ce7d6b53426768869ddcc908eae81ac |
| SHA512 | 5629e20c3e1429bb7641ceefe3dde90ebaa519d6a0956550d9e289b4430f92e16de1da7c108d5989a1908c90f0c4c8a26acca6ab4c55b47d13bc20b1670bcd41 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8ee4af1eede1bbb125dbf3ade75fe5fbb191b7f3\615f5a6e-71ba-4bbf-9d70-9ae0e04b31b5\index-dir\the-real-index
| MD5 | ccc0588dbf70a779e8e190abac35a521 |
| SHA1 | 48431573d4f769585a1fdbbced8e5e1b269b6420 |
| SHA256 | 92fb928cbd4bcfe41479e95931df38c11a884497de218d5a2503389c1c58b84d |
| SHA512 | c445824d9a5825561c61750af00851a5270faa0bc0555c017fa300962e0ce09eaf883aac1b507b2e5a6c694e76448e3405eedc202d07313509438f06964bd6a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8ee4af1eede1bbb125dbf3ade75fe5fbb191b7f3\615f5a6e-71ba-4bbf-9d70-9ae0e04b31b5\index-dir\the-real-index~RFe5da616.TMP
| MD5 | 23475d16e4440247902f7db0728716de |
| SHA1 | c7e64b5788a13da937746eec7b37daf173abf3ba |
| SHA256 | 8f34870aa81d91ec8e7b70e8d5f62d370c6fd8ff694f96f8b53b6a50a05a12c7 |
| SHA512 | 3a9461f53bf595a0aec78fc891bf843cd33d3c32a6c893903ba2b474759350e1c93000a51f324d4bb99dd9fbf66b0b0053fb4d9eb076ea39c6cda92f8c2a86f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8ee4af1eede1bbb125dbf3ade75fe5fbb191b7f3\index.txt
| MD5 | 9866c0b2e9e4ba024f41ce78ad863c68 |
| SHA1 | 120d113e439073b190ab6d3dc7f5a4c882a615f8 |
| SHA256 | 41a6297c97868c294302f65ebb0d1ca3cd446edd6d99e3bf5750357025594f59 |
| SHA512 | 4519a4d3ce10f190e0c83774e9fe275e98254a573204e975d0db117f148632273605a648958d960148ad4e45b37cebc2a4f0fb76a6d90dd0b87920c853f6b572 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\8ee4af1eede1bbb125dbf3ade75fe5fbb191b7f3\index.txt~RFe5da655.TMP
| MD5 | 61e2ec6e01365c022a544c538b9703f9 |
| SHA1 | e13519eb91522c41c8e32b667c3dc538e7fd5d94 |
| SHA256 | a3d65b88b218c9a0fc9935f10585dfe812ad5adb7c01b13d7c3791f792b76461 |
| SHA512 | 17fbb02a9ba510344936026c1977f2d5719f8debdeb2735a40d11d48083d37d3d57ae993068385000ab034f1b39e2a6322ab090f305e81dbf3d395281c45ff21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e5b7fe8d79737b8af6f3aae1d1b876e8 |
| SHA1 | 95bfa61638bad593c1072614383014dc6e351e23 |
| SHA256 | cb6d46775e4fda5263d83b50ff881a574fe1c4a80e6a672b87e6e387fc331bf2 |
| SHA512 | d125ee543cc35542af87d2af76aeea88d00b039e10df0a1bf169c55bcb52ec9fe5893c91aba827516804664f30b069e46566fea378652f092a22865eb4ef63eb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\ef078505-0d1c-4a38-8c81-6896658e63e1.tmp
| MD5 | e0ed4d41e5e93249ea9dd3bb56348a89 |
| SHA1 | e1b1ed246069536f2e1cf83459c58da0e8019773 |
| SHA256 | 3e47ffced851e3bf8e2cefed446abec2e51ea22f0f5f8d88acefd93f55b00e0d |
| SHA512 | 90aebe635d502c574524bba1c6636cee92c89965c41fe667ad735699e36977ea330c85ef986091f64b0aac8fbdcfb4e90124e7ed12115f8b482790e50eac5283 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fd63bf70c1d7883a86625a1c1cbe9d9a |
| SHA1 | fa12663b17965bac09077dc0c97f47d5a2ef35c5 |
| SHA256 | 7f9dab5f0e5a4b4971a74c9dacf4f8b3d5d12c84a5911c33cb73d575358a874b |
| SHA512 | 97b79baf74bf8132a1271cec46489dc73bccec0ec224a49ade0fbad5e659acbfe42205a9e08e65256293f74ddd0b4ab7b5ecbb7f0a8a6689bf8b0776d678ac35 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 365d4877f1fdcf524324222158c0d2db |
| SHA1 | 51a9dd8ba36d713826fc4b089db05efa367f306e |
| SHA256 | 2faebe402648d270388d32ce64b86cb863696905fe38a959a8dc8ad9cfcf4538 |
| SHA512 | 6189b3056a1f8a0938718ba45fd6d2d638ca7be65adeb602ccdbb94ecca63957552d5ee4f1422c47c5520934ae50ec482719801228a20174b63effbcec939e5f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\81764cdb356c9506_0
| MD5 | 3a706435cff5c428f63b62c01ee6fc4e |
| SHA1 | 867ea02f762a24ca6890b927c7ca8a57d3f52c27 |
| SHA256 | 8b22ab0b756c132ef0ec13a723b710bead3aa614fea1eb7024ced3f7649b2396 |
| SHA512 | e81045ee39c54a948c741afe116faaf9e0b4712369eedd930ae0e5d164024f4751bf97d8db814aed2a7568ce7c05c99afa101436c85669e807741abfeab35f0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\02735674612cbc52_0
| MD5 | 8e1639f35865be918b41e64b90fce71c |
| SHA1 | 60e222d164bf5029ba0ce3822777896a6116d469 |
| SHA256 | 37fd5075be381d05cef872360790ff648e49374e5711beb36e36598ea6a83cc8 |
| SHA512 | c20c834b20c9c7520c334c9e81e5e5b022e22b770a54ebd87df1b2d4151091618400fb2909836293b5bd5a56ec6c43a66b7a027e0b0e023b1a7d18477e5c9e4d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\635e64b37935c888_0
| MD5 | 11f853098792a1d0af0edae4979b8b19 |
| SHA1 | 09215a0755ef2bae91f8a5038da2e0f6dcaf763b |
| SHA256 | f516d1278a82d075b3fd0229afa1a990b708901c9a2cfcba125b028f140659e1 |
| SHA512 | 2feece23e197650277ba8bd7ea0e24f05cac6b4706f3ed0652bf9060701ca742e12fe2237bb8f287f9c5b226f06babcc7436e3196eba03c852675963f97b6919 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\03eef0e77feb64d4_0
| MD5 | 5033597bec51b56e6e624b0a66cdc9fe |
| SHA1 | dfd8fd287d9f082e543c36d413bacb479ecbf922 |
| SHA256 | d30043ab0b4a34e3bdfda8e6a8dc567620f9cc99355c9a8c145efce83af3a320 |
| SHA512 | 0af95d1e8e69ab9144c11dd6e2d755f198f6f1f66fb78069b1736b4d32667d181ca32a58e6103ec0a1868512bf6dbd992e04833d3785a56df6e11ad8f9fc28ee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7cf9843337c39c04_0
| MD5 | 24cb5bc75c825b95042e4a1cb2ae5307 |
| SHA1 | e4ce43a9f97d8639bdf4189364ec52213abb71a1 |
| SHA256 | 63840f4639e3e51698cb7060e0277260cd7b5c1ac192f8d07fffef89a49e9478 |
| SHA512 | f24f7b8d7b26e7322aca783db4a21aaa1ede2a46e9ab1317aba68f958ba6e2da3cd328bbaccad276f8ae4187427069ae6e2fdbfd01267fb4b162842df633011c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018
| MD5 | 68f0a51fa86985999964ee43de12cdd5 |
| SHA1 | bbfc7666be00c560b7394fa0b82b864237a99d8c |
| SHA256 | f230c691e1525fac0191e2f4a1db36046306eb7d19808b7bf8227b7ed75e5a0f |
| SHA512 | 3049b9bd4160bfa702f2e2b6c1714c960d2c422e3481d3b6dd7006e65aa5075eed1dc9b8a2337e0501e9a7780a38718d298b2415cf30ec9e115a9360df5fa2a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017
| MD5 | 3051c1e179d84292d3f84a1a0a112c80 |
| SHA1 | c11a63236373abfe574f2935a0e7024688b71ccb |
| SHA256 | 992cbdc768319cbd64c1ec740134deccbb990d29d7dccd5ecd5c49672fa98ea3 |
| SHA512 | df64e0f8c59b50bcffb523b6eab8fabf5f0c5c3d1abbfc6aa4831b4f6ce008320c66121dcedd124533867a9d5de83c424c5e9390bf0a95c8e641af6de74dabff |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 2a1dd0e7b50b8201a935ac033350821b |
| SHA1 | cd9292601d8ee8ab65d6003f1178a331fd7749e5 |
| SHA256 | 67568a2a60441bd98762daae657f11a62fe1303042a5e8e04e6fc68950f60cec |
| SHA512 | 2c5de9c0209b43343fed19d7933103b34ccfa7b63d862d038af1882a2cfb2910ed4401bcae476548f4ab9106eeedad0b01297ae75f987bb14769887456188bfb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fc6e86bdaf43b8336ffbbe87eea4de59 |
| SHA1 | fc70189cdcb71b4a53367dcfc933eddd172e5166 |
| SHA256 | fa9cdf66cdc9842c709f44cadf67b52c3500b60eeb2149031008de132306ef09 |
| SHA512 | 408e9c9f814a06852d9455f5b5fc005e16ab02454df90fe580127774dc735c266f250ff6f1f8e9031ed86a94bdd9c5002b4708de521e55cf881cc1596ae374ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1ab01b9d9a38c8cce9986607a93efc5e |
| SHA1 | 18d675d1796969c43377e56e55a3d0b9f97e7ca9 |
| SHA256 | 860de2ef592d4b745fd5e4b4914d6d9fd2d86bf209c0ea86445bc749ebfd42ad |
| SHA512 | b3debba2c4d79c8ae94e426f634167e3f43f17d92d441f494c5c7befa458ac975cb56d93e482a588f29318daee94011f9f1dcb9a16d30fd312a404554c7a5134 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 51fbfad50d04810ef27a0afd10d36a6f |
| SHA1 | 197d409069db4e14211034532ced7be0139bcf3c |
| SHA256 | e84db68f80de00469c7e86512f929ac715e2a75067f4a9faae1a920f65ffa9a2 |
| SHA512 | 1e03cd69c50e04b012c2e18b5f3fa6502d7cd41897d6c4e8457e5b6e0ae3af39a56982923b3b3dfca64611b967e60ed33a7bde0a5b11d28450826af3a789dc71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 26e5a9c13731561cc5d7e0ea8a7861e7 |
| SHA1 | c248873360ac975e00c4013c56ca8a29e3e36e61 |
| SHA256 | 9b5f1501396ff583ea19297569fe840c0b59007124948d52809f45e15cc510a6 |
| SHA512 | 6eb7cf38475073332ca590a66a621ce6c76aaf0e9ebd02e7571f278aedb93e8626a6606822c1ec4d4103657bdb772b4c9a80d1f068199ed90a88e4c3ea2647bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 695b70761cfdb595bcd4ece340499623 |
| SHA1 | a71c599c9dc4cef47c8218f7a8b62c4ef2a2ed55 |
| SHA256 | 583cdf7bb306aba0327a620d7ae7eab420dcfec2aa58c6b6f6267a00e2c9a245 |
| SHA512 | 3233878fdea03831d3512280f67db2d991446fd6bd88b8e5ca02355cd6d4078402de9981167e3ca666028b2aea8bb52a215ee998ad71b8ac11c50fc4357e0a31 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\48b1105b4c2874b5_0
| MD5 | 8f9edb2a27595c0943b27d8a92ca3062 |
| SHA1 | 1b9246c3ed672c02d48f35f96957583bdd7567b4 |
| SHA256 | 480c0fcd38d992ac596ea343f19be72998ef005e4a78fdb7a2812f611c3477ca |
| SHA512 | 3eb40da6c35b1089c70e7e442a5758dfc797150b4d7318ba229b74075e4f56097245bc147b37bbf71e822f808875789465490f52b829cbb5d4f0eafabaf7ddd4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c807b8e9088e4030_0
| MD5 | 90ffc4d1fcc52a98a7203a0970eb01c4 |
| SHA1 | 858777963f39e2050f4d9d4f5efe4a4beec50111 |
| SHA256 | 9d3a48fa351d5516c9cfe7f681c7b5ab4b03757b5ba15b82ee91c7cb96084ca0 |
| SHA512 | 2667bb8433678d6e00bba5af41fdaf63b8d57a49a44224e141d841613df642b6f679260e8db45496f7428b07015cd144bf2623ef6f021de0ae03c21e11754b3d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3fd2be14abb3904c_0
| MD5 | 80e4fbd2edab2b18c8a1ebdb8c3af4da |
| SHA1 | 7f6e2fe0da422cfa2fb241559c3e80500a6760d9 |
| SHA256 | 8eea464c459f6840bd67118e9d64302db1af9830cfa64259ac00558b3862933f |
| SHA512 | ea3fd97c13c9aa4c17ade6d81878cfffaf32f4e3f3e6d584191bd0cb920fa899be3e174940e971abc8c5deaf626baac6c444edc09bf7803312ee82ab445527e8 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 645056f87d15834b6139c5edcfe665a0 |
| SHA1 | d9c7969263b133464be0496ad812d30a4a0cbad3 |
| SHA256 | 7d69bc20908da8e7061fd5b108e300d9f3a36da9de4b7a7010755734c9f7beff |
| SHA512 | 1e9824e31309e7e211ff09d714cf3c89b69dc482124b739e00874ffa635602596848579a830d6c18619b54e6cf01a584feeb0e5ef74f52f71b9edd5e86d58867 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\24360874c99b2368_0
| MD5 | b4bb387825f634cf6a66def418991c03 |
| SHA1 | c00e996ee3a24487aa96ff2e566daec1081b3094 |
| SHA256 | 2c302d2848a168ef6cb9bb58b4667d8c6b55d45e82e9b2c71be3374e0c682f30 |
| SHA512 | b9cf1a5660833fb0274fc0af07c2a4b04ab3f9a1cc5a0516768b139db8967ea157523e7f9583d36e3e0e6239cbe8fec3b11ea7f3d2ccf40c2c656b4745eb10e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 959a5a3cf183fd2f416a740ceed383d2 |
| SHA1 | 7e242f2f9e1c42dbda616aa835f07904dac24856 |
| SHA256 | 8d864016cd3366ee5fa3db197e09f00008fe55c9ed9185b28f834856535d707a |
| SHA512 | 4860171a972a0365a27c4505eeaf97c6e2b4169a32b0e2ce9de889628e139e8305874a836d8319fe2836a62246ee018a13eb72ffd4a4b412a557ac4b8b6a8642 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6aff3ba91a6a45de089e1b03b2706fb3 |
| SHA1 | f47ceaf14aa950776da9361d2d928bb1a2dd0b1e |
| SHA256 | 27de6b6194d221605017b8a2399f3d15111b07ea5fd254973c43591f1f1c3150 |
| SHA512 | 7b776baa968aeb88a059ce075691fca267af59f42733ec89bc3b5004ff0917e9ec1cfb2102c75dc8a5509bb03773f43a073e92dcb4b1a390ba272e99ec5451a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | eb738fafcabea2c5ceb1878f01c52f9c |
| SHA1 | e83203cbc06cd2e93093a36782f425fa3e21c657 |
| SHA256 | 4ea5391423e79896f4dca812ea46770e5b117278a5cde60af748896384f151c3 |
| SHA512 | 3805d2b2730aa495330085509e7f8be021d083117b8112be17d25c9e4dd583685cf17ff2ddd6a9edb30a2bdaab6424ea8c1494b30b3f0fafebf5ce2df1310c1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 68c21bec81296bcbaf1242063ca04a8b |
| SHA1 | 11190b3d9fb000ea376276e199d47f0013646ddf |
| SHA256 | c21f09024a8915342d13164e1dd2c072b7c35e1f44fcaa3c00fd6e04a1c34666 |
| SHA512 | 167bfa5b5fe715888fa335f540caafa82916de409dd2baa060b873bfb90126d65f6b6e62ed25b955b4da98d2472583f1cfe92b727acdd61ec8958a3c2b3bc8f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | de4c72853047d621c2bea7c2da897822 |
| SHA1 | fa6c320076cfa16e772578f307f577d9d0835357 |
| SHA256 | f768b8db3627b021282fd1d5eb2dcb775b36118b251aa1842c868991a96281f5 |
| SHA512 | a8786b9222dc2c8840607be25fe403f7511c0cdde21537c2602aa3861a1c92605f7aa1e7744e1098c9599e8b374cf17fc29b8e3c10fee60b32128145c96dd43a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3d5fcf56cd650bf958abb0badd8a1c04 |
| SHA1 | d34e7931d835ac0842b577d75f20eb3e95053e3f |
| SHA256 | b3346d01e431f0994930e473b0c3f07513af45564cea79961ccf49be762bb19a |
| SHA512 | 2469cd8cdfbb1f6ca4c37fd28cb7e987e7f618acb8f850f311a61064846cdcd66e73673cabd95c4585c5feb09af38cc85f5be8fcb0d7c3ce996d217f6d802ec5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | aae1a22e13ea1aaae316e65851cd8418 |
| SHA1 | ffb272044c582d82094f91b53eadc1882ad3de12 |
| SHA256 | d66258db6c42f2d4d324c63d3b2154827d63e669a87be1bf15b4555e898bad19 |
| SHA512 | 85b29f830bec06795ee71830a456d168c33eeeceea481eaec361d4a04b25a57a78c74eacfd18f833b1fb600b45cd6e3f874ccadc9cc9a647978a4840762f525a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0b95dd4fc0c61f497443966957719db3 |
| SHA1 | 1b66d06e20b98bcacb03510d50d9039b4d36d2f5 |
| SHA256 | a8f0e28502a0adcab1e4ff21bea8c2653cc33ac7598820bdc9a15aa60b2c5ee7 |
| SHA512 | d3f0e50673cae7a3e5f0e802fc69e3c24c05d7a8c3c92e6a2365fa2e469149eb406bd069dd5dd06c3769e1410cef5dce08e4a048639ae3cdc7957ceab90601c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 4cf48ffcd7caae5550f735410b552d16 |
| SHA1 | 8dd658575e8192db92f8c3e34be95b0d63ec2789 |
| SHA256 | e010b2a0b95d7b053d394f5ab080e895f84063dec8ee14b91e78e3c926003a24 |
| SHA512 | 50d11a90796d1c4b4c0df0d9a9b30d754e7020b34e10b4e8f48370301c05cfe6ae3ae3968a79456348f63bd81c7fb602e0b0a342c578a85a9a9ef3bb0e0074f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d3bc8373165e77d7e26dc344cf425d35 |
| SHA1 | 3f9e1df5bf7ce4162b5d5f07fd6627f90bfd526d |
| SHA256 | 5f519bfb88b80925b0a8013331ffe34ce5d082e99ddf996556dadf6b843c854a |
| SHA512 | 2265b95d56463d5aa0a8b6b402adc884c1f3951496fa5cda4d4d4789e996011ebf84fa4fb3d4743c12dea70c2ee1c3de3c2ec1766bc736c5c77020f37b58c936 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6a94e1c97413aa18e41c12bc8f64c02f |
| SHA1 | d5fed07f638ff5348b660c907fb312c4d3624d25 |
| SHA256 | 097c298665a12befbfd449b08e9db0c16ded5f16fb86b102ea592760ad7168e6 |
| SHA512 | dacfde1877a5e50526f9f415632d1305d7d0436a8ce5aa648811caa87c27a4624eab0ecc227fb73acd5e08db21fa7b2607a80bfb60dd26aaf4a49249d34a34ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | b517269656ce1d4475a5eb4282543a69 |
| SHA1 | 1ae2a18a9677ee4efc434528fb1f8bc7ac0c6219 |
| SHA256 | bdf3f3872c1686118df0834f78b5dbbdff295ed791d7cf1c174f841741e98090 |
| SHA512 | 403d533949cc826d3f979a17d423b36fb63c3868be43a6b4421f5b0d1c047a95375dbb01fc83e9a506b2be339a45df7b0102ec0ea264837d282e890b025290fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 06b00b91eca59276e958bc6dc5023d51 |
| SHA1 | cc333ea6afd91c7c408af915aa2417f1e55b1848 |
| SHA256 | b1bc36bd5e69601512d5ed56a3aeaec21c2b519e1d96f28c21906e7a5a951864 |
| SHA512 | 4aa5b85b743d948736ebd2c6f0fe01be07d3c8566841a03dcb2cd6ebe89d704fe49f7dfa529cb3a19138821bd8c679c903616505cb215e549f0ed7e98f15cc2d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | eb062edbeeabd790e29cfc438a5ec576 |
| SHA1 | 458112df577300e81deb8d39387437480e2c29ab |
| SHA256 | 1236d67a76463908ff57e743d2d905a2f8f8a0102aaa54ca13bc1e9663dda66c |
| SHA512 | 57734f29726f3ebd8a970c8c5f3b1cdb20d9182118b0ecece6860bfe0ceb7baa079828401fa982960a8d6f5cbf68146f892d397b6a9e9b67dd8143794635f51c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a24243c37fce56421ad62953827ed0cd |
| SHA1 | 47389e5c18a934ae6f009cf3e0f18c96459589de |
| SHA256 | a7914043b25f2016f7def8299414abf6fbaa0ac3ca51b8f6b817d4140bb15fd2 |
| SHA512 | 093292dd19afceea4c3ac69eceeeae227016fa2beb92de3eb0981509aa282afd19121f7752fb2c1ab72065ecf874c9a73f8a00991aa28f66974983d0e2fd37fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | fff9e847c5e1bafebfd426946726ba7c |
| SHA1 | 6b2690cd27482c325c0ec743de7d9de67395ff0f |
| SHA256 | 073b3f3ed11fdc3b16ce4e9a0e5bb517d5262ed751277c21939a528a7d0b0196 |
| SHA512 | 5d5806da3b695063ca84c56f8e5a63a25ff81820cafb9d8dbe1a1af092ea1cfdd8115e3db6c3d2615114815585ad05456fad6c349f480288ee1f8d06f843bb07 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 267f22ed3617d97fee55b66d89b1afa1 |
| SHA1 | cc24bf17bee0e1a962f2880e0d199947eb558dab |
| SHA256 | daeaaf7511ecf9b4172aa5725975a62c32891ff912a599627a29e945543cf30b |
| SHA512 | d5afb7bc3c7e95556a8274d25922bb64d595495d6259e9b2590348068cdfbee17c836b2cbea1c89a148f10fb8bfcf62a707ffb94cba5eaefb0b5e105f8319181 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1e8abc94e1049e9f89cdc9c218275ad8 |
| SHA1 | 8fe7a7fd5884b9a024f5004b9d96ad8de1ae8775 |
| SHA256 | 48daa29d65b790e05acc5ab0892d1c3688b8114aa585713d05f6c7aef355278a |
| SHA512 | 438d50aab58478d716923879e5ca7c976e9659f27a9534e0b154c6171c2e9a195ea489a045d0060122a36c3fd296a0cb6301de9b3f185ddf8097245b6621f56f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | eaf82f39dcfab39cf3af0e0247069f61 |
| SHA1 | 7172188e483fbb75722c9da6192db3c7ec12ce79 |
| SHA256 | 774253915e1793009d6e587ff4f5cc5940f173276876e8823578b08b9fc3297a |
| SHA512 | 90cdec6ae9ed43f0cf4f6871b4c625876b7a0d6bc30879f1ea11045ff3f6c0f447794d815aff0c49a311c0ac1f44ab5d067a2f11bd259237e53a2954776ef23c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\blob_storage\f0a27b1a-9036-4721-bfff-d4a4aa50a7e5\4
| MD5 | 898349c670416e28038f35bd972b39be |
| SHA1 | 52eafadbe3b3193e5586803251488aafb8ec6e83 |
| SHA256 | 8b9049fdf391c527b8598528a7b847adc19194fa6499c9919eab3811165f744c |
| SHA512 | 028506d38db1eb803f50b621aff0b620388cf6b3a98c477c0cb1828e3f56a7cf0f7d463956dbe370221a9dd59a0e373033386b2c9bec2df520fd36953c1a1976 |
C:\Users\Admin\Downloads\Unconfirmed 225018.crdownload
| MD5 | fba93d8d029e85e0cde3759b7903cee2 |
| SHA1 | 525b1aa549188f4565c75ab69e51f927204ca384 |
| SHA256 | 66f62408dfce7c4a5718d2759f1d35721ca22077398850277d16e1fca87fe764 |
| SHA512 | 7c1441b2e804e925eb5a03e97db620117d3ad4f6981dc020e4e7df4bfc4bd6e414fa3b0ce764481a2cef07eebb2baa87407355bfbe88fab96397d82bd441e6a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b4aa430441517e8c495ab3de6e892b6c |
| SHA1 | df17f5d774d3a3aaad3ffcf14b32e7a49ce7c8f8 |
| SHA256 | f64080d68758c6402bdee65a0c9d031c4c94e25337260785a069855dde956827 |
| SHA512 | e1003bdffb83c9f3a49da0f9eabb1024bdf39e9a62f798da843bef7988f1364f733c1a2c827ff70e6a35b89232cdf9d8c6acd85c75883332c2d3f2ec72984d71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | aa005b7b989acf2da6e05e0e2c828749 |
| SHA1 | 1149bab6a7d85deff8f39c87456d12975f6861ff |
| SHA256 | 4b6135fe54abe3df40a7954592d35356d5e9e47d1b92c6e5f089aa7aea0858a7 |
| SHA512 | a15f7bca1aa1d2eedd902b89a23bde57d2a558189eea59c54deac3c2c501741e0728b7aadf90048441f1cc805636701c30358ef98d54b84b8638f30c4377ee64 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5ee0027b2f333def75688519763ae1e3 |
| SHA1 | eb62636571a631fe504bbf5e1c54745d67ba1111 |
| SHA256 | 538c8971a0345b94d5aa672dfb376f26f342cf958905d378990a9a6eb8e71fcd |
| SHA512 | 7836d310b88d7d2bf4c3d4c67851e5b2e0d0f8785d4ac1849ae323b601bf7271140f60cf166a4fba36fbd857bfd7654be6e948d69d28f0207325c7188cb9657a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9ddf6f0031761e7d34b077c8d50b6727 |
| SHA1 | d9fd7b84a14743893ac28496c21278484f948cab |
| SHA256 | bd8870f58f3a6eafdbbe8ba3f2feabf028d82552a1f030a5c6744f276974edaf |
| SHA512 | f628fff1e6dbb24ddaf83cd83d8fe908e04c6d93c436a06deb79c9e744ad3deaa7eb14b733a88935f165c415c115e6b94279c1ac1b5eb6d10ba779d2826dc4af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | adf92ade1fc510fe49db45d4375a5224 |
| SHA1 | 0de018595d9174c00a6d3037ccda87f0dc2bd46e |
| SHA256 | a2b90865b72d2ee925a776ffbfb1b432f74f9d25a20db9f8627a7e9639cf11eb |
| SHA512 | 3a45d34c5a52b0017c88986cf71d7a95ffd1ca53fb7d537c40961aeaaaacca31a0e481228619c7609c850d4f8849fbb14b48137fbf231694fd2803969a3ec5f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b7c33c9b08bede51fc84096fcea4a504 |
| SHA1 | 66526af0f4ef835774de9fdefc5900fda7005b16 |
| SHA256 | 71ca61d827b229ebcc50debaaa8339e260f4d9b8d01f5659147b458db9b39dda |
| SHA512 | 0531cb5a4ac09bfcab9325ffa4b5598e0516cbcd58344f3e442442ef76eb6fcb4cfc9b26dd1b3cb2b379adf2483379507e5ba95165970ff14f5fabcd748453ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 65b5f640d5b5daf1f78d1b80585f6e91 |
| SHA1 | a0d205a645cd200569db6027b72b3db9aec5c151 |
| SHA256 | d5b8f4e3af9d0f2159fa5056b42b4aa66f7d069689b98ea8970e3703b16037e5 |
| SHA512 | f0175537bf23697ce8692239bcb397e4d99d07d68e40509d4a3ee991d60d3dbf6bb14585f95fc12cc91e5e5d7b86c98a9cde690ad44033ba1ca328bda232745c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8f6ad239db1fc8980688b73fc3891414 |
| SHA1 | 1d628e73df9491db6b47f2cfb3d2cff35df00ec0 |
| SHA256 | 69a23663f21f79991d66116b36286669eef353d6a008639a1c2c04c82af54053 |
| SHA512 | 12aa9337cb450f44f6d0538889e1843fd034d3e66f7287d258fb773d1c0f30363fd91460cda132c1c0298c3fa7eecc5bd403fc63dde28a5bdd55d1fe17034882 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e8af4e6cf625e1693231deaaf1d46fef |
| SHA1 | a2432c2c45f2913a18dc4d54ab5abb378047ff18 |
| SHA256 | 2069cbdce726e64bf99cc85c5db156a1235818d019f79fb128a91f71344f8194 |
| SHA512 | 348bd9bb39a5364b594ef478fceb28e8ba5e8416867f6d5b4b900ade1a3fdbf6c83a4c3fb28f05fba8a520b9633f2736e3de0b422e1b72c8df7f6f57f9b9f6da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5ab291f76f0d815a7463052ba1b6101f |
| SHA1 | 9b53c761c74bd29fb8935e3d322e5e7b29660255 |
| SHA256 | 9d614457fd52cf0405f70da50e6df80c367f6aaa6e75acc3cbaf2fc878231830 |
| SHA512 | 80ff46bfbf26d95e215c67e7ec1eba54deec410a8b3a067f119aa7d9b80bbacc238c46797cb7fbb912affa72c4e2f24a230329951fa2b79df1a29482d30d3f4f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ea331afeb25ea5c18fd0164afac5c70d |
| SHA1 | 60f267406947aebebcf50d08411d82d28b1f1656 |
| SHA256 | f02e83d72e88fd362924d6ed90d8fbe3bea467c4058c43f0efb2e2d8eb24cce6 |
| SHA512 | 2b13f01d0f8121581b511fc1caa481d04975410d26c2103e0e56f7af7451a32b13c1c3b38a60f8dfbc0f0e1b8aa0e959590b6e70e384094a2881340c02ccf87f |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 0348260fe663a8b4d0c835c0018bdd8b |
| SHA1 | af2fbe63c9705f347253bcebe3e9185422b362fc |
| SHA256 | 2e090322191454801a1822cf82076085225cfa3d15d1865b9f829d4d49cbd2a0 |
| SHA512 | 00da7254a13f72d654c42a8fcdac7262abace3eed8185adc5f25f4898b01fcd032ac517e446767a1d12d4bfe24a6504122babe545c76230d9427525d2030897f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 73663271195e73fe48ece0a4840f9bb8 |
| SHA1 | 24396c1c2e057d770f9a3bb16b4cf9eac5284fb8 |
| SHA256 | 823c54a913a39953ac6713c2c35a8f7a1627cddbe181e4c6b11c0b849e6f96dd |
| SHA512 | 18fcaf0deaaed0b2ad55168184e5749a261e0b7ef7e6d32df1bfd301781de2dcc621ad03d802afeebc7cc06e95da9032c5d92c9ec3cf9934abe45a11d38c4b44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9c086f88a8a7809621c8a1600f852ca3 |
| SHA1 | 23112e316cfb5726c2b37606eba6dde1d1e8eef4 |
| SHA256 | f02027eff5cd2910fa23ba3f535471f38a8c2792ed83cf7c4ff05f7ddd8d72d5 |
| SHA512 | 3157df01be39baedd5b84efe6224e934442777853922cd860d91b3948f8e977445e155cc0a0f8a01a7b95c56bee29dfbc446dd1aba0c5df0111372b14ba83fa5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8582505202cf8fd5d5efb83ebfa73263 |
| SHA1 | e5338298e1db1bda51107f17feff2d6564a69b0b |
| SHA256 | 7c4a1cf5c811a22addbde8a2909b35eeef5457b164c3739534242a54e45aeac9 |
| SHA512 | cfc818bee6b54d4b0c76860331b56aa66f16d56eef12e97765036279c9eaee7ffa08fcc9ccd479a30a06606e0003995eef43a8aa41123b9308d0499e5d95b2d5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | faecf6280fd430d31ab4b918e1ef1412 |
| SHA1 | 5323eccccb32c947fbde63048ca7b58900ea926e |
| SHA256 | a6c0b56599543be99e3aef524cfc8272ddbeac63af5f5a1be80b10089264f30a |
| SHA512 | a9b085ce0589dae3b477093897c9f30a108bf00afca6b85a2be268b33406ce1f15f3f910f79e3d4bb612628fc0e44d1630d11c20b46d83b4a3843cd8ab113bdc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 71e4be319698cbc277ab958b0cc77a8c |
| SHA1 | eca2443ba41bfa551bcc70a8434d0484fd6ad34c |
| SHA256 | fa67789b4431419f7efa877c283d53f197de51317a293ba38fec8d396ab34281 |
| SHA512 | a14c06119902dc4a5d1e20c36830e74ba2cf515d35d5014c78eaa81413649a018ca8e9de9b198fc9e41858b0830c6155dc71e607911c8c4759c3eb88317a4de9 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 7211ad47f45492ab4b8fd675327995ae |
| SHA1 | 0761e859c9295d77c0e3c7f822f56d7695400550 |
| SHA256 | b67982af0e711caed1170e6a4ba685d2db35e7a778f6ce19906faa918ad7072d |
| SHA512 | 95036029dd85eee74e867579383f41d11a6c2e625e52b574a3d971d80d6909febcef44e9dd3f5f6219727b2e822c5fa59f0b894e129a9461a2eb6e01a0273210 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ef3f01294d52d65a1ff0ee3daa96d313 |
| SHA1 | 128c15e8ab05e4ec90cb74c71e25162ab161516b |
| SHA256 | 3e890b2fd82a1900d9d29880ad7c43c8bcf95c60d420afa605d2aa9c87713c56 |
| SHA512 | 69a51040599e95d4fdc3575a8807de62cd034f1de2ca3a060e24f7d8e2e4664111db5f1d9ef165c318e9c6f574091f909818a1a983be5adf19edbf12e09c5a4e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8e552a2ad90e3b2c15f919f6f7663474 |
| SHA1 | 3936b4c6b01d115eeb2379d2db225fa6c834cddd |
| SHA256 | 6baf75c1b4557a77d3188c84c555a913b987f48d58ae95114404f9495140fd43 |
| SHA512 | 897f8459f85121cf911bc2b50f4daa9e118ee6af8b319a1201426d563641c2994e6b98fc035cce763ead619ea18a45d57b80872f16eb9611086735317d4f2ed8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 355f55f472244bd2e04bfc8ab09b4703 |
| SHA1 | b9d3cc0b0ffa0abc8a102c7dbbd79d62a2629d09 |
| SHA256 | d693799271fba8ddf012a0b36d3f0735834184bed29c9731f900f6069d6d80c4 |
| SHA512 | 34aed0ec73c6d2542adde04d09bf6acc2b192c6aaa72306ddb33e5c97d510e1c73ccdd588b09846460e86c55bfbd470faaea99a6d8bef5899e1797de371c2a0f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5e3c63e2e8d5dd2e120af94b585f7ec5 |
| SHA1 | 4f07c5c824addc09d99c890cb985c947abfbed6a |
| SHA256 | 245d4410bb8b275bde85627119c220e5a8f9e135ad072707b5c975d9992b8cec |
| SHA512 | af0577dacf4071317cbe6e3076eecf871c7a314c3bfd03d029c56832ecb8203c6100a4a605b479863dea7208dfb0374d935745906604f607ba87925e08002d7f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 74e239f13a0cfcb2d0c4d45598441f97 |
| SHA1 | b276f1febc66786e4d7ea1f6b36c927aa0ebf1e1 |
| SHA256 | 3ba06e7372e6856afa9d8730b880dd448694480c1e9a967512091962d7e893ff |
| SHA512 | f2a28137522706d76142f4528c697fcbc5ff53fd32c3395feffcf1740e40807365bd683516a02c4074ce0a9e723afd9cfc9cbefc53986ff9d64355013a47cba0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | ecd50ae829ef25aad04ea3b789785275 |
| SHA1 | b01e3df417762bbbd86c130283d2ad83274b17eb |
| SHA256 | 9f68a0f23124897380a141674f7e007bfe854683f20a5065f896cc7a0826167c |
| SHA512 | dcd6266887985654e7476d84652e73dc2ea44401281a57224239de28a8d408c541b4659c61662de83de38c1371e1e8e1e7f0070dd75a2140ee52ded8e73f9775 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\2c7675ba-a451-4006-a30e-b3f077fd6d9b.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 1156f28f30c7fc5543f022303b5270ab |
| SHA1 | c87e90fb5c391d6e222a4c767a8fefbe7ceab256 |
| SHA256 | fce9f52683f4e416708f138aab902bf3a9719270e12f30c5af266132820a9554 |
| SHA512 | 6680ea4610e4ea928ca02234f843534d5b5c600f8f01102c2966c3cddbb50c3c2cbbc41d20457422e2cf3c5e9e5ac27d4f20642b32803536fd8e877cfdc06fc5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d12a379c6287f5aaaf7470d50f4c0c0d |
| SHA1 | dc18f77799321d68e06dd4dd6d571e79b7c7752a |
| SHA256 | cdf291ccb82fc515cf9918dd10e85fd17244eaeaf127a6d17357d0ce75425682 |
| SHA512 | fe7ba9928348b4c41e0a719848c747c7870cee6de4112d29ba9636c5c27ebaf1df6ecc417cc8c18f883fd18be5cd1b95fc8a26b4272c0cdcfc5a355cfbbfc4a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000d4
| MD5 | cb3c8542f0f84d37a966a866ce655998 |
| SHA1 | d68980af9d11068339e7514e452682d0d483ff18 |
| SHA256 | 2a1b79eaa2e9db4bf7c80aa680229ba4057fc69e4e3dda16e7bd60de933f41df |
| SHA512 | e925899237b24a3b67cf7d158a04cba2a1771b84ff7bebebde3a357ca3219a7f16f7fe1fb8d5126b78cbf25e93b709e0d549f437674e4dd2ad13ee8a89a4224f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3e459d8e1551d0e2ff81499f9a2e0b15 |
| SHA1 | 0c834d16e2ae544714dfe0fdc71dc642db2fff29 |
| SHA256 | f5608fceb687635da24f727fc92e9d2d25bc0515dc0fb080c095ed5cd19bba26 |
| SHA512 | 0d7fdd65418fd05b3e8859a752864b8f741ff644069cccfbeb1a894c005d469a519cb17fbd12e3d71614aaaa57eb432fe861188fb717b78b6334d4a091e8280b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cc28f7ad0755c39c57c142eb4e15e6ae |
| SHA1 | d2f3b29c7410b9847eee637c774f9eb20f1dc165 |
| SHA256 | 2c50f0b8ad76408aa93e6c4659ef1877151cbdbb591ddf354ee374bac5b1dc22 |
| SHA512 | 360aca988fdacf70d43b778722d258f08fdcb7ef868f9f77d5f7a84fb72a964dedd607becc81bedda3c2d35043a4fd7ac06077bfd768c3832a473cd27562e8b3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 98c24355f827e0c68e425ef917553bd1 |
| SHA1 | 8ae77b231b26ecba510ca8c98f91a77a7855ca4b |
| SHA256 | 0afa3b3f7ff39019009e0e5132ac25969ce37fcbcf0bdd138e76554b2ef61707 |
| SHA512 | 8021632ef8b45137f583aa20bb8837e2646f9265c7073a2161a890d685c42f3e1581da8a8566a5a4c929baff2e1e3767e93d449b004df4d1c6471bfdc835e8a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 57d99a745e50bca9f1b770d7f0695895 |
| SHA1 | a8737a5a2b68113fae5791bf314877f23f3c353a |
| SHA256 | 7aec0afca3d5658a0872657e4b4661847ec91ad7dc2150ee10e5cb0cbd8302e6 |
| SHA512 | cd245b3c8d05d3cf05463eb441cd86286efe855654eb0bfdff5c9a2773d5fa50529c7860ff57a9aee69ca2198daeca435d1adbe03b44ec142bbcda97e15d9ac2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dd8b72b362a9255d8c3579b31e5a5bf6 |
| SHA1 | 2b213be706e14e013891b7593a92c5e6fbd72f13 |
| SHA256 | 702b323d02cb4e1c9744dd270e298b00bd58cd0b97ccb231e9dc756be49cd059 |
| SHA512 | a0abf146d39dcc8deb1fcb8391d1043d40ecfaaef712876e821b762a72b50c754b6ac6cae9bef07e68d61a5a2406308d23aa90251361b72093b61a62747b2860 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 58d3bd22778d99c23143982983b44e29 |
| SHA1 | c4662b2f77b4e87d22c1bc19a44a1a15a95b858a |
| SHA256 | 90274418e12f7c9623a1cb0517dc3ee1d7916712d22ff4abf09f16671de84001 |
| SHA512 | dab759de85dff7d7ff8af0eed05e9ecf39a6ac76a1ad51bf28574519d0548efe2616054d2e28e278050d043ee0fb1706727f4b4daf9257a8abdd45dc8b04f025 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | fd9aa031e7068ec89eb0164bdcb74cbc |
| SHA1 | 069304e77dc579482abe0f74b130d4a76febacaa |
| SHA256 | ddd213537df7003c5d56088168119ead3befe96a32ce9b74e89f4edec506b75e |
| SHA512 | a4640bfae39fe55c812154f4d63a0a9def6902212a45f68b8381c5605c76727bbe7c0c219f64cb0d6f484e7a64176ee2f7708dbc72e3066479e857026880bc09 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6e3ecebe354d0fda372e5779fae240b6 |
| SHA1 | 9d2c4e4d0635e1c3d38e9589e7f9bcca2bedc683 |
| SHA256 | f1ce46c9dfcde29c649e03f668177796927fbde441eec643f712fd1d9eb2fa52 |
| SHA512 | 98a9726d802f3272ddb8f4796b54245306dd5a50c8eb37cee4e2790bcff921d46cdff1bab3d617979510f5db0b17bc7f8e4fbf886d94a1d53038304f82b22dee |
C:\Users\Admin\Downloads\geometry dash auto speedhack.exe
| MD5 | 19dbec50735b5f2a72d4199c4e184960 |
| SHA1 | 6fed7732f7cb6f59743795b2ab154a3676f4c822 |
| SHA256 | a3d5715a81f2fbeb5f76c88c9c21eeee87142909716472f911ff6950c790c24d |
| SHA512 | aa8a6bbb1ec516d5d5acf8be6863a4c6c5d754cee12b3d374c3a6acb393376806edc422f0ffb661c210e5b9485da88521e4a0956a4b7b08a5467cfaacd90591d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bd53c851129fc88356ca0e79b19bc77b |
| SHA1 | 5806e2682e4809018bae198399d9aef09c5ddc42 |
| SHA256 | b9b95f1cc28f24bf13b606b334597d3b98ee49625a53c22571c3d0a125f576ed |
| SHA512 | 22f69f9c416bdb238d93f7c3ebf4bd6f661dd54d0dadd0f81c338dafbbe0e0bcb8850c7bc1b24bb616cc556ac504d7ea74373b940facf89e4b963e33b080e9ba |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 323af255893746dc89cc28a5b928bd55 |
| SHA1 | 2be1db166df42a7b0eb48686ca12aab6aaa7709c |
| SHA256 | 8ffce158b8cfeaf0646077fdf5f99b591a03c2ffc788a1a704a30b851b261423 |
| SHA512 | 720b9430223d444874e5126fcf800004c6892f4698080cf2ee52d229f8cf5e60a98a66c1b614f17579b48ee58fbb97c951cc551215a00e752761b138a36253cb |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 362141aff87a4aacba0632d7445eae67 |
| SHA1 | ac122c3fbf4cfac1f71c4cc6dbe14bf912ce81dc |
| SHA256 | 8a2f6b71a630736329ec237af6df007ca1211835127a310e3f6a85d9a92b39fc |
| SHA512 | 6d37e45c1d62c4e9c35d4f2ce7177fca51152f7954bb74073186496b8b7c4483c4cba76f6858f63ad81bcf7fed1fed06d9f0e540c3703614fdf2cc20d026173b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4d534f3abe6d70e964eca71a2b3a2e35 |
| SHA1 | 1b93720ff935a09664b3c2a2bf040c4579ecf66e |
| SHA256 | 1e28b4e7946f3b4b8cb69bff3c0cad24c3410e131daec16bd797af4fb9476fa6 |
| SHA512 | a41ce3609a6cd0fb934aad39cd2d290321d39a4acfe15e47aeb3a7e82d4b36f9134f5e96f3b24f4af65b34de255ced0d715eb96fd7ac2daf57b70beaabf3e287 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | cfc63e6a94cb6ea76e992c1c8a050d98 |
| SHA1 | e5957ee237ec7407a780a50be3193ec5645931ac |
| SHA256 | ca142576211b34d18560a8cdb7098b2a6860cd7f350b582f4c7ccf8202e87e72 |
| SHA512 | 7b5d0df10482154987e24a1ba4e60f02ec143c4d46325630650af51bb717e47be3289896209d2e99de4756fe2d9026b4584645064ba193f8b315c824ed5d1e22 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f2865e7fa1b33823625e1af8cf22533a |
| SHA1 | 3c5d0344f3ccb302f422f78267801c166cdf88bf |
| SHA256 | af4719d7cf2fe3e8fe7c096fe3dd9c5ebcfafa4083c91f63363d30cda1e06785 |
| SHA512 | 2dbb45b86ae8470659c1c1e6a13353377684e4c81926a2e8655bc7625cdf55c14b9af9e6ee3dc00bcfa6181182691f9286f581452bccdc698b9637b00cc3809f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\JumpListIconsRecentClosed\b7a707b2-459b-44a9-a28e-f703402dacc8.tmp
| MD5 | 21f4df4635f9a2d9e8035cf315ba5192 |
| SHA1 | d00f54f18d424650aa9ac330588d96722e42bf8a |
| SHA256 | cf886afb161b5fcafa4da3a11244970bc82cbbcc901f36b4d6bed44dc14ec034 |
| SHA512 | 57feffbc2ac512011a62abaa638016afc943e0b366aed9bb86233ad2db588a1701695ab935d4a0ffad8c47857b9d72c8013451f0cf2b605dbd706c1eff413754 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | accb4a7b44a33efb9794dd86a6f271c0 |
| SHA1 | 85f8595907d07081522a43fbbd8625dd190ae32e |
| SHA256 | a1fac61254862444da9f9bd1611af6fc8b2ed704b6e3b9dde20d578fdcc4976e |
| SHA512 | 95da2f93ad08538bc1c726978e16dc31c191563095569e817c80bb5c47edbd5a7e38992c6a3e3ac8dec0ce658ad15539b5782d9dc90886a52cb5f3cc2b7bae29 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | cbcc5ca01cd19530d08e9a2dcf18baa8 |
| SHA1 | fa8dbcb02490db27932a4698fa7a08acaa78ca31 |
| SHA256 | 23cfc5843de0aa13fffb9b9c66a5e27ba4d9903e6ba79065b9fb683c746bfaba |
| SHA512 | 7aaed653cd3a2d9b0b2a734c26ee398dc85bf6f13c6491e19d79a5ed7c9fab023df4db85c7ff1fca66f8b8538596293826cf08b2c496f80d2e09bf7e4358f9d6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f5
| MD5 | 5e122a7079b46d7376e2a288ff7e60de |
| SHA1 | 024a59e404383c90e09b3e546619e59246e1183e |
| SHA256 | 97c2184a4c5fba3951a1dd69b18ab31bc6675114fac3643957b21e607d245b1d |
| SHA512 | 527bede647998783f46208f71f4346c0f65de2d35db74d0d2074f37bf12fa13c56b7d69fea0678f5564cf93ea32798d9e2adac6d5856578e66216df00da1372c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4123b0834c9429b75d4d5729fc1be352 |
| SHA1 | 729c7d1d43205b70d7b29025e0b1f71028038a02 |
| SHA256 | 0f5b0934ff2624562b83917044a4291b03db8d5632b3da5628ce176a3e46d8b6 |
| SHA512 | 10087233fd3e3358a4eed89b11f62322534844e90e31f3f0daaac32b51113eb72c6eefdc83b392129dd6f394186b678f389a9d4e8acece583d86b3b0ed7aa8bd |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 5b50b93eadc14bacf1eb95b319d2a3db |
| SHA1 | 59aecf721c3a9d7428a320dad6b4f3673c96e115 |
| SHA256 | 78f3cc0ce641fd7a377bdd7ef830a893d0c805d55bbd79c3ebe72576318d7051 |
| SHA512 | fa44950aa2bd88dacf8f466ae3c92d1dad7a25fba5df1ac9edb356ec67ca1e8b866feab33f9f516880a2ba4e07648f26dbb7b2aea7efada7384ef24c46c099ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_c.adsco.re_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 0af74e586196b98948b72d5196ef1427 |
| SHA1 | c9a0a37c07670405cab4bbf5fb115f8cccde5fe1 |
| SHA256 | 113a3ff748535ea9f07287fa3b05e623b987ddabfe552ce993f04b8028ade9fc |
| SHA512 | b9c75bf5c7e1b26b27db4bbc4c19a1143c03bb4fb6b226a1cfa78311d90cc1acd07275de87955b607ffd3f9f618a0c2c14805fe00481be13de8140dea28f1f2a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6919bc105a696ad5de7d5149e7fc7e5c |
| SHA1 | d28a5bb1f66a3e8027e34f9ac535f3fd327bd475 |
| SHA256 | 7fe7fec43822c95ef6454cda645497620dd02cf3f1c867d05076211a853f9beb |
| SHA512 | 28b565070bcafba5304ecacd7dcc65f0a0d98570da960f37dc358335b0838eebe21e879d177e25026fc66270997be030b5ecb7e3efa88355d7b073b026ba71f4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 07398a7604fcc92832ed22d8c53157b3 |
| SHA1 | f052cc01674a56b0ee75b0eaef87656e500d3dde |
| SHA256 | 421ceedc5b1121d16294b6e8a89e54b77d76cedc816c5a5f137e7b66b4349f23 |
| SHA512 | 936c437d549fc1158d09d7f3b8a1a57217ee4d4e0bd0554540f217249f1530ec6d969ac0e0bc6b6803bd37f9cefd3a80b7efb50b7c54e34d771f7e8d9aefe6bb |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 38b97a027b6f2d37c4f8396a39fde175 |
| SHA1 | de73cd3c859562140af3ee4fc6c4eadae8690ea2 |
| SHA256 | 9de131c9ad90e68826aea72f993ad82a02e5c18b8fc3b8ade73000233f925287 |
| SHA512 | 13e23f9d557c70ccef315db861568244d5ee667a13389449d54d1eecb6ae5128070d5f351016ed8fd6a9b43ffe9091f9d1f4cece268a2d5cf19db34b89c17802 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 130c0504b65616a8e635f3272dfcffc6 |
| SHA1 | 92557e444e22a689b9b3708aa2ab8f6252397433 |
| SHA256 | c06fc8b87b864e3169b753ee03962971afc00681ca6bb7e5d8b2a874bc999229 |
| SHA512 | 5b0452b6236599d15436fdf1783e34967ad1825fcf68cc73377d1501cf109f1656602839493d6e81fe2ff5a51b3524822ff23817263f1fecbe88ad044d8bb537 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 62119b5a1a9ce258389987142dad2516 |
| SHA1 | 2b104f928a844e6bb1179eb9a6e52ea346f77fbb |
| SHA256 | 51f6b6fb447bad1b4076d13ce58900428abfbc9953f04ead15d0ea6dc0a942eb |
| SHA512 | d6309890a44c5adf4af41179c1ea8cc958649576393beeed7e5f98de0f0bc0a43ff2b77ce0f8ed4b1afcc8ffd2ace9955faa5a5c424023812fa416ab92097966 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 598a867f3577aaffa55756ceff9a0336 |
| SHA1 | d8907aa416e8c2bc5051f0c3424598266f9f8f03 |
| SHA256 | 97058aa3ce810adb05b4bf3a1782ba6072d32b107f4caa06f85514a1a35a1f90 |
| SHA512 | aac2b2be647c1df9685392bb363a2266c76bfbe1a54c96ae007e34d34bd91c5f60e1a62a4dc21ef6e1f90bbdfb3b13a08241d2724357bc7df5e7cb3178161a49 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7b9e6d4bf53d9dfb7ae61f437df914ea |
| SHA1 | d90f8cfdf91032eb5449c1e673c3c7058ce7db13 |
| SHA256 | 61e7eaeb753aefe61d2ec8ea9f744ae41d2d5cc3b5cbcd04724109b33b1c7635 |
| SHA512 | 76cc3c0877f4ad36fcd789041590b6dcce630b877f0fbf63db51207325f53a080be5dd5a37f9a733cc10ffa6f98f22f8811680c5c5ff0e8016f284af11dbd71a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 7f31017e24b6dde1d14fd12329db65fb |
| SHA1 | 43c7652f914eaed4017672123cf9ed85e266e7dd |
| SHA256 | 8a58bffb7b8580eb873c56eba60570cea93834812582b4a648b923a622ae7365 |
| SHA512 | 1451ab0096f29fcfeb6db238e5bb60d5a03a5bd538d00b0f2c3ed22f4d1674c4ab815df3251ddd4776341390f002d87baf273472bf6d155c9dd4e9a04be8bb8e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9f10a1474a1c0819e8cf2c30dbb8ae6d |
| SHA1 | 0265b53e09dbb4162c278cbbb5667b305db68b61 |
| SHA256 | becc8e6cc439954e4fd948c3651b0f460c1989658da3b8ac41fa05245bd09a92 |
| SHA512 | 25e213c737fbb74728d252ef81b3a366152c36f67e517af8df06bf06ff22f040ce198c2ac883d9df7f984a67ee1ace0e4076cfcb3332abf66402da9469370624 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000118
| MD5 | 9f30471946c01a95c89d21eb25958066 |
| SHA1 | 64dc16c6e7542e4f0e7ed9067ab40bb07f6ebf95 |
| SHA256 | 502b3ccece01cb9961e5bb3a47c31f29fcaf0dd9eb6a081c9a5a78e088efb575 |
| SHA512 | f63a7c89d3609e49870c9a08dd88455dca075a59246856662b4f1ad6231f5f76e639cea00ed2cd21f9b0c85a44b73f7deef3922080f2fab64c3f24b666189708 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 738e53cc51c1481028706d5b099e2797 |
| SHA1 | c7c680da5c934b64de5a40ea0b37b84da0db24e7 |
| SHA256 | 0a04a7b81ee4834538e55d0c3827a19d7e94e405ac93e6dbbdc80e3ffe3f76df |
| SHA512 | 9a8671412ab8db9634c8edbde27d4bb74db0e3649ba5b64587a777b4417867cdbebe91aebc02fb5f203fce1ef4167f251da5e016e3f2e17532319e0a3218b56a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6a1edca2113b8633cd065695ec3a6dfa |
| SHA1 | f8e9f581a33ad9ce72a19a5f6d26fdd04ef871cd |
| SHA256 | 4a060b0cbba50b35cbe4f08fcca52088a797fb4f250846773357143204f4ae95 |
| SHA512 | f62f0f4ec626490cdf48c837f581521c3403af2d33d978a462197baf14f6df90b5d74b947d22bf702bcff86ef72d2f075cd78d06c2dcb1cdb516ced93cf35fa0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5b2f4d3f0e729a4c8df7ec01c1f0dd99 |
| SHA1 | d303bc5754bf8a510990c3c079a2f4144c1cfb87 |
| SHA256 | 9a3475d2f70bbd48968e1dc65e3b628cd2c5e5fa0fdf8c45b0fb33962973eebd |
| SHA512 | b3b6b9a15faff64bd2ebdda0dcf01962d2e7553a5830dcc07300be4b831a48291db55bc0b849397cb50534eb3960c57c329f1c8d61444d6572c287ccbe2703c6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d34a5ef0890557d19d2baa7ac33ba7e2 |
| SHA1 | daa3a12935547a23bfa20f25d869a2bd1829ef29 |
| SHA256 | 8d0beaa303d457a9a19c2225b4224ea093f2f74bea8d70dd190a55ddd8a7dcd9 |
| SHA512 | abf2865b90b08a44a54e70c4e99c7bfa4ee2faf78db1554a65193b3b4de6f3daf7df32134a144bea8a381338b5dfa7622ad1d3426f44405c6fd776c2c76a4094 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 20782e5890d7113af240666937798cdf |
| SHA1 | ddca31a35bce577f5c91a77375d5fe6715171fa4 |
| SHA256 | 29c20621ed52e5560bf3b7e33edd5a209d8d0bc0179cb16b43e08ef94518959c |
| SHA512 | dc1fec9606aea5976632eb94e5b01fa2de7f650ff1f04f2a68a5b4bb6496131f814d7204f361388e59e0a224df4f62a60cb40c312660fd5c5fa4d7fc48e24b1f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 9a8dad5cdd597f2a8bf29309c13bd2e6 |
| SHA1 | 3d708a69edd7a8b14e1c515f26adf07293fe2b8f |
| SHA256 | 493555f626588e6560e371e0c0523ae880b2605f22f54d4655f0c1d902369c85 |
| SHA512 | d28e1fbee4610feb8e31fa6efad7876291b5322bc86d0f68bbb8f07d9c08bb5a4c6a819b98812584ab68d04abd2d7405f9a9132c806c0b34ea62afe0224eccfa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ad3ae6e3e5a88d9999dbeca23bdfdc6d |
| SHA1 | f006147f02e481b5a5d64d1fc78a339d3a462eb1 |
| SHA256 | 28206743047847eb8ac670699145441b4dcc5ca0bc6e026f45d4b27282c483e3 |
| SHA512 | 60c203c43a7c870932089a906095a47851218042af3601c363096f7cced4a8e38b06b0e1bd13792c389c3d2f3d5a2be9f4d9e825dd1c8477115384878f01d9e5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 13a64401e0295c2659047088b3573cb6 |
| SHA1 | df514759093306cff3cc5b128e1055434f090753 |
| SHA256 | 797e56b6457aaac5d48524c5626afea00d54c51dc238caee4da7ddf8e38d9e1f |
| SHA512 | 102013acb3577d3e62e4561f27e7acde4bf8a38537c277212822b1d56b9ece953a025e60b26a6df3d839960c21576e5fd3fd6e2e18ff47161194d9fcd169a46b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2ff14229e434b3a3d1aaecf9b1b6787d |
| SHA1 | 4e77276c94e140da7aa6d44e4552cbf7088afcf7 |
| SHA256 | 5aa4283157895e5387d05f019290a0731f0df39228d9cf17394b2ec4d2a42789 |
| SHA512 | a8cb907bbf6f280bb0662dcef74a7325d074eddede16ee7683ee62aad0f23a743ea6fc24abfc76fb388534f9f37b4a74b3dde040fe12b84b01aaf916602d8fbb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4fc3fc6b8b34817e81768bfbd1374294 |
| SHA1 | 233ff645e402c95eb17c37b516ac4ab0ee687005 |
| SHA256 | 5476b59ee59acf176b54e8513ac7cb8e14c8376a7648517309653bf10fc7b496 |
| SHA512 | 504e46ea1e14fbe92723bb94785bfda50ff60c961572fea438b79767147f44fa3bb0354bfdd3ffc8e57335d641b1a9ff49e41ce1b27d170654e55274877fbcc6 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT20.INF
| MD5 | e4a499b9e1fe33991dbcfb4e926c8821 |
| SHA1 | 951d4750b05ea6a63951a7667566467d01cb2d42 |
| SHA256 | 49e6b848f5a708d161f795157333d7e1c7103455a2f47f50895683ef6a1abe4d |
| SHA512 | a291bb986293197a16f75b2473297286525ac5674c08a92c87b5cc1f0f2e62254ea27d626b30898e7857281bdb502f188c365311c99bda5c2dd76da0c82c554a |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTMPX.DLL
| MD5 | 4fbbaac42cf2ecb83543f262973d07c0 |
| SHA1 | ab1b302d7cce10443dfc14a2eba528a0431e1718 |
| SHA256 | 6550582e41fc53b8a7ccdf9ac603216937c6ff2a28e9538610adb7e67d782ab5 |
| SHA512 | 4146999b4bec85bcd2774ac242cb50797134e5180a3b3df627106cdfa28f61aeea75a7530094a9b408bc9699572cae8cf998108bde51b57a6690d44f0b34b69e |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTPSH.DLL
| MD5 | b4ac608ebf5a8fdefa2d635e83b7c0e8 |
| SHA1 | d92a2861d5d1eb67ab434ff2bd0a11029b3bd9a9 |
| SHA256 | 8414dfe399813b7426c235ba1e625bd2b5635c8140da0d0cfc947f6565fe415f |
| SHA512 | 2c42daade24c3ff01c551a223ee183301518357990a9cb2cc2dd7bf411b7059ff8e0bf1d1aee2d268eca58db25902a8048050bdb3cb48ae8be1e4c2631e3d9b4 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGTCTL15.TLB
| MD5 | f1656b80eaae5e5201dcbfbcd3523691 |
| SHA1 | 6f93d71c210eb59416e31f12e4cc6a0da48de85b |
| SHA256 | 3f8adc1e332dd5c252bbcf92bf6079b38a74d360d94979169206db34e6a24cd2 |
| SHA512 | e9c216b9725bd419414155cfdd917f998aa41c463bc46a39e0c025aa030bc02a60c28ac00d03643c24472ffe20b8bbb5447c1a55ff07db3a41d6118b647a0003 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT0409.DLL
| MD5 | 0cbf0f4c9e54d12d34cd1a772ba799e1 |
| SHA1 | 40e55eb54394d17d2d11ca0089b84e97c19634a7 |
| SHA256 | 6b0b57e5b27d901f4f106b236c58d0b2551b384531a8f3dad6c06ed4261424b1 |
| SHA512 | bfdb6e8387ffbba3b07869cb3e1c8ca0b2d3336aa474bd19a35e4e3a3a90427e49b4b45c09d8873d9954d0f42b525ed18070b949c6047f4e4cdb096f9c5ae5d5 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGT0409.HLP
| MD5 | 466d35e6a22924dd846a043bc7dd94b8 |
| SHA1 | 35e5b7439e3d49cb9dc57e7ef895a3cd8d80fb10 |
| SHA256 | e4ccf06706e68621bb69add3dd88fed82d30ad8778a55907d33f6d093ac16801 |
| SHA512 | 23b64ed68a8f1df4d942b5a08a6b6296ec5499a13bb48536e8426d9795771dbcef253be738bf6dc7158a5815f8dcc65feb92fadf89ea8054544bb54fc83aa247 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\MSLWVTTS.DLL
| MD5 | 316999655fef30c52c3854751c663996 |
| SHA1 | a7862202c3b075bdeb91c5e04fe5ff71907dae59 |
| SHA256 | ea4ca740cd60d2c88280ff8115bf354876478ef27e9e676d8b66601b4e900ba0 |
| SHA512 | 5555673e9863127749fc240f09cf3fb46e2019b459ad198ba1dc356ba321c41e4295b6b2e2d67079421d7e6d2fb33542b81b0c7dae812fe8e1a87ded044edd44 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGTINST.INF
| MD5 | b127d9187c6dbb1b948053c7c9a6811f |
| SHA1 | b3073c8cad22c87dd9b8f76b6ffd0c4d0a2010d9 |
| SHA256 | bd1295d19d010d4866c9d6d87877913eee69e279d4d089e5756ba285f3424e00 |
| SHA512 | 88e447dd4db40e852d77016cfd24e09063490456c1426a779d33d8a06124569e26597bb1e46a3a2bbf78d9bffee46402c41f0ceb44970d92c69002880ddc0476 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTSR.DLL
| MD5 | 9fafb9d0591f2be4c2a846f63d82d301 |
| SHA1 | 1df97aa4f3722b6695eac457e207a76a6b7457be |
| SHA256 | e78e74c24d468284639faf9dcfdba855f3e4f00b2f26db6b2c491fa51da8916d |
| SHA512 | ac0d97833beec2010f79cb1fbdb370d3a812042957f4643657e15eed714b9117c18339c737d3fd95011f873cda46ae195a5a67ae40ff2a5bcbee54d1007f110a |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTANM.DLL
| MD5 | 48c00a7493b28139cbf197ccc8d1f9ed |
| SHA1 | a25243b06d4bb83f66b7cd738e79fccf9a02b33b |
| SHA256 | 905cb1a15eccaa9b79926ee7cfe3629a6f1c6b24bdd6cea9ccb9ebc9eaa92ff7 |
| SHA512 | c0b0a410ded92adc24c0f347a57d37e7465e50310011a9d636c5224d91fbc5d103920ab5ef86f29168e325b189d2f74659f153595df10eef3a9d348bb595d830 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTDP2.DLL
| MD5 | a334bbf5f5a19b3bdb5b7f1703363981 |
| SHA1 | 6cb50b15c0e7d9401364c0fafeef65774f5d1a2c |
| SHA256 | c33beaba130f8b740dddb9980fe9012f9322ac6e94f36a6aa6086851c51b98de |
| SHA512 | 1fa170f643054c0957ed1257c4d7778976c59748670afa877d625aaa006325404bc17c41b47be2906dd3f1e229870d54eb7aba4a412de5adedbd5387e24abf46 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTSVR.EXE
| MD5 | 5c91bf20fe3594b81052d131db798575 |
| SHA1 | eab3a7a678528b5b2c60d65b61e475f1b2f45baa |
| SHA256 | e8ce546196b6878a8c34da863a6c8a7e34af18fb9b509d4d36763734efa2d175 |
| SHA512 | face50db7025e0eb2e67c4f8ec272413d13491f7438287664593636e3c7e3accaef76c3003a299a1c5873d388b618da9eaede5a675c91f4c1f570b640ac605d6 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTDPV.DLL
| MD5 | 7c5aefb11e797129c9e90f279fbdf71b |
| SHA1 | cb9d9cbfbebb5aed6810a4e424a295c27520576e |
| SHA256 | 394a17150b8774e507b8f368c2c248c10fce50fc43184b744e771f0e79ecafed |
| SHA512 | df59a30704d62fa2d598a5824aa04b4b4298f6192a01d93d437b46c4f907c90a1bad357199c51a62beb87cd724a30af55a619baef9ecf2cba032c5290938022a |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGENTCTL.DLL
| MD5 | 237e13b95ab37d0141cf0bc585b8db94 |
| SHA1 | 102c6164c21de1f3e0b7d487dd5dc4c5249e0994 |
| SHA256 | d19b6b7c57bcee7239526339e683f62d9c2f9690947d0a446001377f0b56103a |
| SHA512 | 9d0a68a806be25d2eeedba8be1acc2542d44ecd8ba4d9d123543d0f7c4732e1e490bad31cad830f788c81395f6b21d5a277c0bed251c9854440a662ac36ac4cb |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\ADVPACK.DLL
| MD5 | 81e5c8596a7e4e98117f5c5143293020 |
| SHA1 | 45b7fe0989e2df1b4dfd227f8f3b73b6b7df9081 |
| SHA256 | 7d126ed85df9705ec4f38bd52a73b621cf64dd87a3e8f9429a569f3f82f74004 |
| SHA512 | 05b1e9eef13f7c140eb21f6dcb705ee3aaafabe94857aa86252afa4844de231815078a72e63d43725f6074aa5fefe765feb93a6b9cd510ee067291526bb95ec6 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\W95INF16.DLL
| MD5 | 7210d5407a2d2f52e851604666403024 |
| SHA1 | 242fde2a7c6a3eff245f06813a2e1bdcaa9f16d9 |
| SHA256 | 337d2fb5252fc532b7bf67476b5979d158ca2ac589e49c6810e2e1afebe296af |
| SHA512 | 1755a26fa018429aea00ebcc786bb41b0d6c4d26d56cd3b88d886b0c0773d863094797334e72d770635ed29b98d4c8c7f0ec717a23a22adef705a1ccf46b3f68 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\W95INF32.DLL
| MD5 | 4be7661c89897eaa9b28dae290c3922f |
| SHA1 | 4c9d25195093fea7c139167f0c5a40e13f3000f2 |
| SHA256 | e5e9f7c8dbd47134815e155ed1c7b261805eda6fddea6fa4ea78e0e4fb4f7fb5 |
| SHA512 | 2035b0d35a5b72f5ea5d5d0d959e8c36fc7ac37def40fa8653c45a49434cbe5e1c73aaf144cbfbefc5f832e362b63d00fc3157ca8a1627c3c1494c13a308fc7f |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tv_enua.inf
| MD5 | 0a250bb34cfa851e3dd1804251c93f25 |
| SHA1 | c10e47a593c37dbb7226f65ad490ff65d9c73a34 |
| SHA256 | 85189df1c141ef5d86c93b1142e65bf03db126d12d24e18b93dd4cc9f3e438ae |
| SHA512 | 8e056f4aa718221afab91c4307ff87db611faa51149310d990db296f979842d57c0653cb23d53fea54a69c99c4e5087a2eb37daa794ba62e6f08a8da41255795 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Msvcirt.dll
| MD5 | e7cd26405293ee866fefdd715fc8b5e5 |
| SHA1 | 6326412d0ea86add8355c76f09dfc5e7942f9c11 |
| SHA256 | 647f7534aaaedffa93534e4cb9b24bfcf91524828ff0364d88973be58139e255 |
| SHA512 | 1114c5f275ecebd5be330aa53ba24d2e7d38fc20bb3bdfa1b872288783ea87a7464d2ab032b542989dee6263499e4e93ca378f9a7d2260aebccbba7fe7f53999 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\Msvcp50.dll
| MD5 | 497fd4a8f5c4fcdaaac1f761a92a366a |
| SHA1 | 81617006e93f8a171b2c47581c1d67fac463dc93 |
| SHA256 | 91cd76f9fa3b25008decb12c005c194bdf66c8d6526a954de7051bec9aae462a |
| SHA512 | 73d11a309d8f1a6624520a0bf56d539cb07adee6d46f2049a86919f5ce3556dc031437f797e3296311fe780a8a11a1a37b4a404de337d009e9ed961f75664a25 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\andmoipa.ttf
| MD5 | c3e8aeabd1b692a9a6c5246f8dcaa7c9 |
| SHA1 | 4567ea5044a3cef9cb803210a70866d83535ed31 |
| SHA256 | 38ae07eeb7909bda291d302848b8fe5f11849cf0d597f0e5b300bfed465aed4e |
| SHA512 | f74218681bd9d526b68876331b22080f30507898b6a6ebdf173490ca84b696f06f4c97f894cb6052e926b1eee4b28264db1ead28f3bc9f627b4569c1ddcd2d3e |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tv_enua.hlp
| MD5 | 80d09149ca264c93e7d810aac6411d1d |
| SHA1 | 96e8ddc1d257097991f9cc9aaf38c77add3d6118 |
| SHA256 | 382d745e10944b507a8d9c69ae2e4affd4acf045729a19ac143fa8d9613ccb42 |
| SHA512 | 8813303cd6559e2cc726921838293377e84f9b5902603dac69d93e217ff3153b82b241d51d15808641b5c4fb99613b83912e9deda9d787b4c8ccfbd6afa56bc9 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tvenuax.dll
| MD5 | 1587bf2e99abeeae856f33bf98d3512e |
| SHA1 | aa0f2a25fa5fc9edb4124e9aa906a52eb787bea9 |
| SHA256 | c9106198ecbd3a9cab8c2feff07f16d6bb1adfa19550148fc96076f0f28a37b0 |
| SHA512 | 43161c65f2838aa0e8a9be5f3f73d4a6c78ad8605a6503aae16147a73f63fe985b17c17aedc3a4d0010d5216e04800d749b2625182acc84b905c344f0409765a |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\tv_enua.dll
| MD5 | ed98e67fa8cc190aad0757cd620e6b77 |
| SHA1 | 0317b10cdb8ac080ba2919e2c04058f1b6f2f94d |
| SHA256 | e0beb19c3536561f603474e3d5e3c3dff341745d317bc4d1463e2abf182bb18d |
| SHA512 | ec9c3a71ca9324644d4a2d458e9ba86f90deb9137d0a35793e0932c2aa297877ed7f1ab75729fda96690914e047f1336f100b6809cbc7a33baa1391ed588d7f0 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db
| MD5 | 0266e3a291ac7fdd0fb692a62ad8f0bc |
| SHA1 | cb9892bee912627ddc47dea31de0d7f29eb1615a |
| SHA256 | dd4976646218da1e459859361b2877dec2b909611e1f2fcef655dcf3f197dc91 |
| SHA512 | e1fe000ebf71ca49781360ae002270c1cef9736f10eac8ab1dadb6bda9186cdd424d659ec6b87b404609dbd1dc8ed6c98085ff4173a8d4fdbc828527cac6f7ab |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_48.db
| MD5 | 81532bae1325296a50e3b58054ffaaaf |
| SHA1 | 7d6667a5f7eb6c36f582fc0cad00b65ffe638758 |
| SHA256 | c62dd37b0858dd4c56a555db3cc955919ca45439f5432ebe490983c15c42f21b |
| SHA512 | 2d94f6a1994222b95f1dcfb5ef6ec75c1111b8a564086e87a2cc733d0263393e747479b6c118674320f9b66352f82627881a309220a8ed854bf3b002c867a0e8 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_48.db
| MD5 | 9629a81cd6225df104e12c4e5ddad5db |
| SHA1 | 69d0087c1bc770c0a6b7053481201a71b88ec746 |
| SHA256 | e371b3ce600a74e89290308ac204fe472a1b445641ea3811e3bbe5b189fa90d6 |
| SHA512 | aa5994224ebb6c0ce1b72511778a92ab57dff62800a8a1dca936cf28eb4d710ba21c6898acb01f84a306cd3b4e594888ea85a31048c6bc25fb72810645195756 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db
| MD5 | 47f167adf55bf09077ba165493564f8b |
| SHA1 | 5a49c7cb9b32d44a5f637e5f70f8b901cfc2ecc4 |
| SHA256 | be5ba0289a2dfc9f23a1aa184304369eb7fe7b680a91210cb936d904c9a3b8e4 |
| SHA512 | b56d0ad2dd9dd9db9fd5c80e83a34888363891e7a9d46691c90a14c9111ddc18c24dc7b5f786c398cda468785fe4a4dda578f01d5018524bfd4937c53cd9f4c4 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db
| MD5 | f885c17415b7a1cd6d00967bcfdfb098 |
| SHA1 | 4f2b25043b2012205c22786e4028f3b75973a736 |
| SHA256 | d65959c375ef674e915b49bf0579f0379ab3d7b3a2779ef267e4b27bedf3b425 |
| SHA512 | 5bdd989aa0751886c8bff8dff0d91a44620fa8714f6d41d2daee1a6ed9f3143890d3836a2762cc419576717bb2c8628a43cdb5bae4c0da6c45e7a7998eb61f4a |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\GX304FV6\www.bing[1].xml
| MD5 | 5f99b71d6d6e23f1aa55d0886b1d8035 |
| SHA1 | f09f8241de8dff820ef3c700a3ceefc23659019a |
| SHA256 | 3934f3a3f46c215ee8bae0931f5d55a3ae48fd51b4789c46d75fba75510ebc33 |
| SHA512 | 22ecf9d73e03ab2abd54b00b32c3537216f0f2d1d1c608c9f7f25da8b09794cf2fc83cdf10b79484cc5aefb4794089c2541ba000cf2c217604c0d1aeb696a772 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2b6a307c2d79e493db16a18aa654706b |
| SHA1 | e95fd8984e40d9c0fb7bd3a214d9e92e818cfd6e |
| SHA256 | f8e200eaced7b5134ab6117aa8e9e2546d4f218f43b3b77064eb2c6f7f4b0d8e |
| SHA512 | b2dcd0bd60e94e8b6e5096299b37bddf91f5f5984f9e75c4afe1e1037d46e403851aca91b4e224d317a52edb8b488ef4ffbbdc2225154985f9c891fb09a6e42e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0c2d654b0a85abe4c8febff592fabcbf |
| SHA1 | 0c9896d7637296998ecfbb30ac652d5e797fe890 |
| SHA256 | 5de3684a49b606625abf6d0dec01f41ff9659085fc483efcc0fea258987803bf |
| SHA512 | 0a3a847f6e14036a95eb64c99a099f15eee1ab04e7f7c378d7421c86af3e9ea97082ece6898aa008ad4d4b8b6430c4308efe55eb7c8c4b10122a6f869334e1ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00015b
| MD5 | c594a826934b9505d591d0f7a7df80b7 |
| SHA1 | c04b8637e686f71f3fc46a29a86346ba9b04ae18 |
| SHA256 | e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610 |
| SHA512 | 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0e78f5d01ed24363a3bf3d652f3831d0 |
| SHA1 | b4e103947ff1950c5fbc1a581b259034339fbf59 |
| SHA256 | f615e9ab1d78992e87f8e2b6d770718480947cb6bd8209117cb3f73453981058 |
| SHA512 | 42d746dad511826f6c48dd33d11af4bcfd2dda08ac06d7d1ba19e36e4a3192ce34e1d656562e990d4911b9c04183dd64c96712a10fe11443d1a2372fb413ce3f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000163
| MD5 | 0800f316866f3b20e5443bf0b6c133a2 |
| SHA1 | 0c26d720ec1078b683068d5586b3a204ec118bba |
| SHA256 | 8bf6fdda34cb70a0e5abb753af6440a64d37ed2fee81ab1d9c478f7d77aff84e |
| SHA512 | 84d9961ef0b3890094c0809750708d57ab23a9e21f76fbddae37fe04443b44c693dd087e51ed06e5ea2900f1fa7f2bda76f8991d3f8396dacfaf923438e48d75 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db
| MD5 | d4357ea80b32a446f5b93f7d8a938079 |
| SHA1 | 845511d6171d4cca3c67643c92b1f2cdfd14a095 |
| SHA256 | c1d4ef7be80fe4a3d0135babde4b276a8b7b6dcf95cd0bbbad7cecf475fa2cba |
| SHA512 | 86353002d4c5900da98b02b1a40195b4aa64f4ea87549e27937fccf89738d3e654518725f0e2341cb7084634d38ef4f63657c5ef82ed7c4f6b3d1558450cac97 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 584123715a49de507ba7390c872db951 |
| SHA1 | 7734e11d69d3a83132779299b9c0188e6e73ce41 |
| SHA256 | a847561ea3f33db7f80924eaf675869b2f95273a72f272b80c908019ab35e7c4 |
| SHA512 | 4ad5b2a7db27d80d75a97f4f9c5e4e747ab82a95afc985d4c8a83bc9500b1fa3aab52430fccb65107929b77d000ce3d80b4b85a8d444dd285842f93758e580df |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000187
| MD5 | 6931123c52bee278b00ee54ae99f0ead |
| SHA1 | 6907e9544cd8b24f602d0a623cfe32fe9426f81f |
| SHA256 | c54a6c3031bf3472077c716fa942bd683119dc483b7e0181e8a608fa0b309935 |
| SHA512 | 40221fe98816aa369c45f87dc62e6d91fcdb559d9756cb6a05819f1cde629e23a51803e71371f4e4f27112a09489d58ed45b2b901a5f2f00c69c082b3576057f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000189
| MD5 | 623c502c14fba19c5c6a6faef17d106f |
| SHA1 | 85d848a29d5c928fc71286ceb8efc8b58d3c06be |
| SHA256 | ec3d0746d24305a1dbd250e0d5bab9a472e01bd004c52dd68108b56109c0225a |
| SHA512 | 6758a80db46b2f4f4294b32bff28d0d62492bd1b557ca799b8eb3616b17d003c0729b2e0bc197714c24bd91be473ede1c1e1ab1bb00cd46934d1e563519c4031 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00018a
| MD5 | 0e32d38a75bd0ae9523c2d56553d4203 |
| SHA1 | db5c31829474a49ac03c7e1e220143e9fc626235 |
| SHA256 | 024b0418438147f57205de39c5d937b4cff7736c88e99b2dce84ce2b4102e8ff |
| SHA512 | 373a6747fad67e6b38a187a584fb0a01ee58999fd17d18dd0856c7d1a9c61af2dc19191db844f319f022169c6ac0427ec49e769f80959d314d901c0eab5df13a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a32321ec18344d04ca7387cd83b4e6f9 |
| SHA1 | 62e1be8e4ae8138f849805769e780ac2c4151167 |
| SHA256 | f28ab23bdcc0a7b6913d6394cbf439a9314040fe41fd66cac674e6d576561156 |
| SHA512 | b1bd2e3f18330e5366c97e09b213e0cd0563186ad5cfbfaa1fa18a0cc5223d79ed9b61234e7567c9d66fabddf3af71abb817e7ff80e4d7545e8e8595a67fa579 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bdb2e6b43c1742cf18352d9fede0da0c |
| SHA1 | dbbabfc7a0c3457b9ffaed31a6c4347e8759364c |
| SHA256 | 61220bb8b6cf57710bf4837c990d4a2f76bb14551bd96021152db2c1c7ad0f65 |
| SHA512 | 33edd53328f0737ea1fae7a6989c006ea26a0f04e89c1080caa963b25236e404a5ad9bff37024727c0e62d139786836dfd80be482c3b3fad506daa13b4150d76 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00018f
| MD5 | f65b0bdfd00937eb399bb86a6fd7f1f4 |
| SHA1 | 0d48d5f072ac4174ee6c85041ba69e16f191f976 |
| SHA256 | bcca95df483c59951e76eadebfec9e3a87a7e11fec2759254188a1c4912167c6 |
| SHA512 | fe0a2946813dbcbd99998b3b9731cdce4d213083f299198134f0bebff30f5ae900e556b1b3a6d452958ab8c643659df31181ff88b8ea84abb7ece46400be63a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000155
| MD5 | e33076f49c92df5608dd2ddbd77ea3e6 |
| SHA1 | 0347047e1093c49bf544486661f682dd70e8bad3 |
| SHA256 | 477d49f06fdf574d269d6f2ddd5c6355ca89380a1c805dbda0ad3bb36a01a222 |
| SHA512 | 1bd622c70000d325acbd7a67488b0cd3314b4efb85133dbfefb2bcecad9a43f689ee7aa6ccaed4470c5c7aff86fc8ae40793d5ba5defca6e5b2a460904663290 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000195
| MD5 | cfa2ab4f9278c82c01d2320d480258fe |
| SHA1 | ba1468b2006b74fe48be560d3e87f181e8d8ba77 |
| SHA256 | d64d90cc9fa9be071a5e067a068d8afda2819b6e9926560dd0f8c2aaabeca22e |
| SHA512 | 4016e27b20442a84ea9550501eded854f84c632eeced46b594bcd4fc388de8e6a3fbfe3c1c4dbd05f870a2379034893bfd6fd73ac39ef4a85cbf280ab8d44979 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3d784d6f065699e7_0
| MD5 | ed98f907c2a4f80474437ef639d56c49 |
| SHA1 | 712cba2179a5620b4874658220254c3ae5ba401e |
| SHA256 | 2319945c8cd68eff6c021bc22d345e06e21c420c2182e4fd4335968b366ee22b |
| SHA512 | 8073e7ddba702e747db4047873fd40a7920a1c3db86fd21296198c34feffe727a6c68ba7d158e924442ec8dc258aa49f35b01645906a338b9be3cff011893322 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db
| MD5 | cd3f32b2ceaeb78b2a23dd179a23fc6e |
| SHA1 | 418aef2080cc12d83d75becf995ca9b10592db8e |
| SHA256 | 78820a7389f5b3e817c55b7df8d2d3077b64ce6d061df55aa4d458e9a4ea356f |
| SHA512 | 06ec03c9a5861de9f97e0b98e81abf9a59f2164bfaa382e57307a7991c1cb4a1291dd07bd26157f217a95e69eff91be8a15ed36a26c83371838fbec8cca09164 |
C:\Users\Admin\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db
| MD5 | 44d9ee4cca4993ca73fe131a4d85673e |
| SHA1 | 70d288f985e979255988f337b2ddfd46d11dd8ff |
| SHA256 | b506614ee290195b36e61c31472a529b48c58433c85996380b615bbb33966bde |
| SHA512 | 9fd25657088a472032c8494e5354971d99d190311c198fe0fd1a63203745a944126979747514d11c57a48e1ede0ae5bc6eafbfec7d964748928e33a2297606a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000198
| MD5 | 8a42ba5472aa4afa3d3ac12f31d47408 |
| SHA1 | 2add574424ac47c1e83b0b7fae5d040c46ac38a7 |
| SHA256 | 759bfec59bce5ddea7751b7f93408074a8c27cb2c387b08b6b9f4aa111266ec4 |
| SHA512 | 3e1081a6e1c29f6dae28ab997c551a6d107d4f4b7e0981a19ba81a30a4e420dee1791321dca8f4b500c9e7e4a41c5e5c75013a72e5a5cde3f7e6c50393eb10b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5a322bd6a789cf3aab8f9c43b674b19c |
| SHA1 | ad490afc211c901dd0a5241b42800e3835fb0e45 |
| SHA256 | 47eb59528a95cd2d229fcf11e1f57e60048e653dc5e61beaef0781fde99f2c0c |
| SHA512 | ca036c6687291d9232bc7179f89acecce62cf3df33d233df1578710b400780eb26f28c3ad6d8d97a742929e82561dc8e68b66f421ce48b3e0f4c95624df689b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 894867777f4e84adf43910ddb3d6371a |
| SHA1 | 6ea426c7888e7dd600508e047288551c2bcf3a8f |
| SHA256 | ff4d1bb92dd3461d56b2cc0d782a09bd5dff67afd1cde5738d025f5ef2571dfb |
| SHA512 | b2e1a35d952cf019bdf07a5195c76aaa04670b977cd02d76b95e983a65dc32e25a994d57d68a46ccf749a8203ec2c105b137fda2ac1c4534638a6bb7c6bf3a0b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | e79b0c074ec58a7a16e5a7a2801c8264 |
| SHA1 | e2d6d4b8706fa1da9ad9bfbb06716fa8aa91b0a2 |
| SHA256 | 095c5968689db5c09f95f21b10dd8f116eb702a536f6d4d273ae7f2bbbfe7a66 |
| SHA512 | 86afd3211e5d23b2c561e0a15cc3bdb4bce1b82cea43970dc71b4a2e7ba5fc94a9de01c746e585870159fbe26a682282daa82823955ff8862f4157f82869085b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fa3903351ee5851b5a70ba4a5907d736 |
| SHA1 | 7ff409f9b5317ed1fc29879639fb7e101182c5a7 |
| SHA256 | 31a1d7363df72d0aeb4f91b78184e87417f252a12f29e3c0c86466cd017f35c3 |
| SHA512 | 2d3626d2e10098df3f29d4eae8353f679e7569f50602cdc182449380242a7e8eb442fd2adb37967a2bad49f057623bca19e0ff83b911a9f78f0590088dc6e01c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e9df0c4efa869463_0
| MD5 | 95c401afa223edd8deeac3660c128c59 |
| SHA1 | f1495cc7c9de13b72cf3d4e9417730024b78a5a8 |
| SHA256 | e820fe91dd83b307a0996faab9dd2ccfbd7dd44e12bfaf3377bd52dc08ee92e7 |
| SHA512 | 5a58765f2640172cde45e8b76df4f3c62eb803815d0a63f78da1f13c86a8ef0507771fce8c9badd068de8b75132ed4e83e2663548d5ee5082dc3913d9c11060a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000158
| MD5 | 230ab95d87a717be265134072eb17c25 |
| SHA1 | 71a3d3dd6f952057ba0c6025d39c9792ff606828 |
| SHA256 | 3fdfeaa675697f08f1c7c0fd6b77512f4bf9465e670637e8e332e65ebb9db068 |
| SHA512 | 9b0636421ad14161f211e846521149ab0a7c866e77db309dba79718487835204cee3821c9f4678e48e134614be6a02421c155a34b7c9bc424012137705960b11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000165
| MD5 | 6b06c0a61b0519c1c8c85c037165a9b3 |
| SHA1 | 5ed0ec91c0d2ca41f463aac9240faeeacdee1bbf |
| SHA256 | a0b8f5a0bc1a05bf0256024babecebdbab0d3d5920d365a2e1dfce4bcd0284e4 |
| SHA512 | 938a138406d782e62a50de2ee91bfe80ca81617919cc53f10915647fa2ce8fbd5165ba65000a9e3ebb3a43626bdcc138e174450dc9aca8f6ca8dfa07a150536e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000161
| MD5 | 3262a64faca797f853d9f9672ed40d96 |
| SHA1 | 50b4fd6e57e9e87bc2db7a3f78b61a6c9b2c927a |
| SHA256 | 7fb4a50774c3168e2e0adb69b64bcf5ac1eb978cf9ceaa5456821164977183c9 |
| SHA512 | 72ec6061365a3a53dd87bbf6c7ded5a7c9d06fa9d8b65442316e4f8f0f00d17edb6d9675662b55062aa017625bb8647e674dff290a7dfef12e013fba51fc720a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2bfde39962961371_0
| MD5 | 991a86c153eab4c320a033d4b41f11f3 |
| SHA1 | 8f74300ed7da860437e8b3eeaaa2d8ef3ee49dce |
| SHA256 | cc0aea6d8ae9209a4fd880c97e061fdbd5f07db0cef927ea0a03327311bb6359 |
| SHA512 | c0bae2f8beb4fee3a10b64fef66170b41e394ad9b866c746b3a12085e0dc5a8a2c904bf3d8a0e4886fa5b95b84b67319be39d2a832d30375eb055a3049ca7210 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000162
| MD5 | 4ebb0af8cd5e11013a7d4516bb7ed68d |
| SHA1 | edba3b6dc82e5a88b0e252b43f62cb5d760f0fa3 |
| SHA256 | 4e2175ad5923a9e51eafbc906ec37fbd13b0698a5cc03d30a470b7126c9a06d2 |
| SHA512 | 81569ef8014b9f53b8649a079a453e707b4bc6050f224b021efbcc2cea3a4ae981c0e945c36c6f3005f07f6a6f4f568c4978f3479a7ba1f7a94f1010b664556a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e5caca2d4f4087fa_0
| MD5 | 49619195057245c8bf47bb330062bbd0 |
| SHA1 | fa6f276d2461cce6d2eb4ede4df15a6974e05910 |
| SHA256 | 97d3e407f8816f3c36f9428dced934aebb6cb119fd961f622dd5e9dff1878bf6 |
| SHA512 | 9b6c7309c6a9df4f4d834c0c7435fbb3487842fa92b80c415ed22b9adef56cea7ad7102a4ab48608bb99be39f191c028524827e5cc96bbd61812ad8e788c635d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 89d7e59e145958edd1f3e543466be675 |
| SHA1 | 510ee7cccc003c3c86198745500424f329686729 |
| SHA256 | ab3071b738794b296ef9a0092f652d2d449da2cce569d8c63f19b57de7ff3690 |
| SHA512 | ccb184f704c384f34615012ded23b8be95e6e43bd89f9290dd09baae710caddf609e85b7b40031f893c0ccf0ca74d0af215c255e8132170849f13498ed2e787e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3a19544dd8e5e4b2_0
| MD5 | 9a61e0b443de1c760e91b9aa84f27201 |
| SHA1 | 95679da638130b521deca72c165e95f411949d78 |
| SHA256 | 4da40873eb0a3e90c3684589f58144d242a5700a0a4702d4fcc36fd62af48802 |
| SHA512 | 4b70f952bfbbcfe9fa62910ebd8882b7acb48ee60c370409f219447771a4153d11de93d6e0302dbfd544273bfd802c7ec23b510489ea34e2d7f70a0a714587c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000199
| MD5 | e68dc41937e75b392b26998acb2d09be |
| SHA1 | b3ffd33f790eb21b8bae1c6c8f93c85765fc4e91 |
| SHA256 | e4b53b7fdd39514df81e6bb419cb980f00cbb8c95cd421f17cb702faf18af513 |
| SHA512 | 68eb5da95eca580e9d3040ea91717300e810e26cfed80f0765c2edc2e983d102671c358792c72c680f9a621304cfa542bb116cac9f6f1dc2fa28e39201210425 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001a0
| MD5 | b9eb8c4e6c6f11de89ab7e2a77ba466e |
| SHA1 | 26ea4bca4d3352739371f81c33b3a4a8f72cd2a8 |
| SHA256 | 5aea915e78edac882e1e90d3a898f2aa3f29caf3c6d04b180e13a12d2996ba6f |
| SHA512 | 11e9b798b2763f221cab74a73e87737598527ed3271c47a95972cfccd3f811f694b75bd4ffdb0f1801ccb59e8221d9f30d16fda9edd1d8afdd72ebf85225b649 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7b508899820079f3_0
| MD5 | c8602533b2fc36c16e06dc34ca18ba84 |
| SHA1 | 075efc3431550d726babd5b5c444458352c1a961 |
| SHA256 | a8105761b5ef2f85dd49e5cc0a705f16c2f8ea408aeee8382d9bcb2fb9e8e629 |
| SHA512 | 1d4d3837bdb63a00ba5146da311b4b4ee462a152a529ddc052bec15868ae4f45725fc95a9f795966f30dfcc23afb958265ec3beee4fcededcc86927bdd7e0816 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a7b2445be8a49a9c_0
| MD5 | be834e187c30a2a7b8fbdba37fd621b7 |
| SHA1 | 8585492ea2502036d8cf7e1afcebcfd6cdc2cc82 |
| SHA256 | 81f8fae856b7418fa161ac9f58aaa066b955280777494fabf3a7e8a2ff858146 |
| SHA512 | 5c449e93afdedca3039d16dd83b9cd8a2e1a11d9bbcd9bc66049e1b0a16bb25dde154d61fa534058f3efa2d97c4a44d2c960aad3e3649d098d20df5dd7032bc8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ce91c7d3c2c2734_0
| MD5 | 24039ecb935eff895621addd3b8605e7 |
| SHA1 | d90882a984d39a2de71ead9126fcb0af0884e035 |
| SHA256 | f0fe0e7de5e6a49a996f6369b75fca09917715d903088105a2828d6102d827e9 |
| SHA512 | c5c59b561e30fb5454a4993b1ee1116ea469b8d58905a6d1a4309316ee735ed4fca46c29e923311b2d8094d7f439101e9560257106889190f069cd58e9d6a29a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00019d
| MD5 | 6293707271be5cdcc7112f7bbf6123c4 |
| SHA1 | d46fef33c3e6c460b1dbf1d41a52830c84671b68 |
| SHA256 | 6af8e22e6e997e77fe8225db1f2d43c1ccd793a46be55e6be1256e8547ee8ddb |
| SHA512 | 719e0711e29831ef683214e09a3a8bacf921efb8ae430ee386933e74a382fa2c0f046f4f0880ce64157f8f153c53cf8af21fcd3fc50ffa84bff7d6055d0c7e2c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 0d2f21feea6962e3bbeb45dfea557ecb |
| SHA1 | dbf5a08b19cda9bdc4a2f7f3c3af749e416a72f9 |
| SHA256 | 4b41179ddbb7fe329cb5b130141fede5e953c4878be597f92012c954509271c8 |
| SHA512 | 958bc9cfcdbdb6256c5278ad44ccfaf8595ef30df8bf1bb917acdad8384758cf9c323151695e13762a611bec08666ecf863e9f2896ecc25b9aa6e3f5bd048315 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a1c44f3cf7e3c7e58f70a5864562c02a |
| SHA1 | da2c9739da4e0a9b410089c56779495cfafe44b9 |
| SHA256 | 44de1d5fec5e551a503544c69a6d58d9b8b370ba679d432b0f844db1b4321af0 |
| SHA512 | d84af54e3d14e72bb7a3d763b11936882c59710732f18602032401c402f14f1a790afe8badfd0b894d096d277c4f3febc83694808a7349117103a58e2a04979f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00019e
| MD5 | c6f2d5a4ab2716725f9127cf39559ca8 |
| SHA1 | 80d76d63557135c2a4ddbd2802a2b14197a08894 |
| SHA256 | c07dc0be7377eecd17580a3b5e2aaf957902ecb63eeb8d5be6116be36fa4271c |
| SHA512 | 3f82e3b4dc0b623bb96a3edefef0d83a02cbf0f1346ca09d8a851de1dfcdafc80b92e0ce9df7988b443396128d499f466713c88cbfc58877594f36b0f770e57f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\669a439756c18c32_0
| MD5 | eaa5fcb2cbde703b35f3c2b09121a80d |
| SHA1 | bdb8ad5d1596d3eb3f764ce53503cbb90d41d858 |
| SHA256 | 257e15c767a8df67f91a0d2e3719bc8866ff43916942909226de1a17abe5d747 |
| SHA512 | f6828463ddbce3e54b1e8f48a20c98d042cf8a207bf8a4c25444df97e5bbdba83e4e1aecbf80a69b0c5a44031019740988644bf0bc2d198df3abe4fbbd2dbb71 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\336a68eaaf209f48_0
| MD5 | faf2d17d4708b8281b34a953dea06a1d |
| SHA1 | 01b58e8ed6e65c6f285fa5cacdea814de4232446 |
| SHA256 | 672b78e558797a6ae5fb8f6605fe66d3b7cb670e22a3aa9d2f62eccf5ed47121 |
| SHA512 | 7089bfb247fcdd2e0603cc0f32350a89b10887b340bb1f0e47903679abe262375d4f601dd448e02b9053b0003e56e50f155f410eaf0c1ff2c28625405226abc2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\293c7bf322fab312_0
| MD5 | affee5ea2d8bfeaf4871565ab071c02d |
| SHA1 | 6bfe0add3a7179e4009432333952e30a8b03f754 |
| SHA256 | 2cfd090ebdaad43f97ba1b80bf2daf9d92c8064311e107395f8c0f3845fbfa06 |
| SHA512 | d5daf90ae44b13135c7ba086a822c29c1e5d7aef11f527c55634b58fd2db4ba10934963e884b706c9b3b833b7492373acf1e7865df62ff9f30494c1620171971 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4c307b02b4dcc58c_0
| MD5 | 2b51172eaa7393a8497f94f59e337960 |
| SHA1 | ce9186928c677f7dd0f404c45d579acb4f1e74ef |
| SHA256 | b069b7235e7794699501c99649990934f2477a00b553c54af93e6cc3602b9d48 |
| SHA512 | d262e209f4a17369471b50f9c8e0d4ca0e1cb2f4ddb553a2babfdeab6b8cef5a7ffb709fb3a55f1db3c7ba695c3fd3fdc34bb75a84e1d79ce9562cea01e2bb2c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2610cf87a81bc549_0
| MD5 | 5b8585b8671360fec29c09698952ec07 |
| SHA1 | e7540ccaa19d270298d65d473a578c2500ac3e1b |
| SHA256 | d8b2aa3a6b800d007ee479690e5f6951ec39d1dbfa9a59c67192cab21463c9a7 |
| SHA512 | a40fc63e28a3147132a42fc4ff64f88e04e59c93343abe7e008e6c09c09bfa901eabfb7106188116d952c289b8f49a75def1f7c827b70ebcf7de79a97ce8c9b0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7c22df8258f6388a_0
| MD5 | e38798fba6cb42fb1c25e1f96bf014ee |
| SHA1 | d6027884c435c40e4b57ecac3bf945577779b565 |
| SHA256 | d63c6b4a0029726c926dd7ae463e1fee9adb4ce872f0a17451659071f8874892 |
| SHA512 | 48d9c4bbfc09e9623f9a8f645b1bb84a0ff5579dac4875c8f9acdc0b2f197d229ed0ee8c0a1c699d197413f99594e2c6dcc752bff382f68f42533092a2829728 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bcf6aa4af8f02c9500606dc62dd98494 |
| SHA1 | 85b272b7da6d4ccdfbd3682030bc3cf75a5ef783 |
| SHA256 | e53acffb65d43612f7cab77b7021321443169788775d36945d021a20341920ca |
| SHA512 | 0867a9a8292b8bb0f1b007410b3fe59abf7b541d5496d9543dc1681c3e53162c1ced75f8b10afb415919dc2686b26d6c0233ee09d74c25f2b2413ea35528ab9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 60ecbe6967740a8437bff35170c0ea47 |
| SHA1 | fb23bcbeabceda3a089f25b8fce7bb56efeb5d09 |
| SHA256 | cae5b2fbe4f03c911233468dcace5e573b617e4dd0b37850d64178a651113bca |
| SHA512 | 56ca7af03ad04bbaddc53fb547ed21f7e3b154d8ebd88fde6d4ae48c514149a0245b6a5540eea222db583aacde8a130721a3e8c14e607b2b84ca6386316d866c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5e6bc9a817477a85_0
| MD5 | 715e5b84e32fad7c8b4ba83d49f4d103 |
| SHA1 | 340d3c4d7e1ec8e72b09e735e4de13f7a06c0a08 |
| SHA256 | 8e18636292707a291b2f8500d45517bf04b90103ccc9ce9e8b3a92b418305df5 |
| SHA512 | 4cde006c8016cc279a2f5b8e58c6f9b98a1fdc047a1174765e3fd665906de6a34c6cb1cab976eb2c22d13a12e61af2e884f561e0845cc588982b548febb58ed2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\aee7814e3541c134_0
| MD5 | 1b698b4736c2aae11a58ced4b869ef9d |
| SHA1 | e4a20657db5c71785bd2f713ef3b87802f0c819a |
| SHA256 | 78960333018672cced328c0fe2c8d08897b0c28bc9478e328c6cc0bbd1461672 |
| SHA512 | 3672503630ca2aa749b6aa6f7e2f4dc05d37b95200a7c4b42335bcff5cebf70193b1ac11a95d1add0e86b844806f209a9c17fa217bf0ac1becc8cb4d547daaf5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dbfc2240a4d2f88a_0
| MD5 | 5ed59205196ba9e737dfcd8de3c5ef96 |
| SHA1 | fe38b281c645402a2eafe5c4c711cf80d909bd5e |
| SHA256 | f7e05b24c85090266e515564af9360b6a29efaefdddeb18c5910710d7cd1ab42 |
| SHA512 | 6af7bd35dee235e960de0bcf07809bcd39154f796256787e09aff4951d0bf08fb0ceda7015ec46a3a42aa0d878b011f91ec9baf5bb821ac190587a9f63b9f44d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4f8bb7ddff3a5d1cdefda5acb9b80875 |
| SHA1 | d25cf6491c8ee89c3a181ac24f8fcd34adb78a89 |
| SHA256 | 1ac1d167c1c9f4e2519dc2378bd7e6d0ea43d616db4b90da4ea01d9c24fc7a37 |
| SHA512 | 0db10af134815742783751a11fe54b6c860962ac1a6ca2662bfcf73ff87e1ed51d188e942b6cf10a9d96d8f3fd9eb9a3369067df08bbb46bcea64d3e32f9f84a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5f317d647063008dd870269ed0464550 |
| SHA1 | b9174feb5ee223d1cbb19e609f31912c885746db |
| SHA256 | f1476dbba4c81e10925992c72fba1ab0e2e6ee8ed4014b00a189362c84512229 |
| SHA512 | 0a6da3e31b97adae92aa999c6aba99d0443e504810970fca2dd0c81ad458f946d542ed59fa03b2ce92a2f80dec4f9c1fbb21bb4c8a1f096e1d07fd0aaa55c0fc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 141c4544d74ebdf0893a053f05209daf |
| SHA1 | 3f45baa1f8fb2160080b1ffd376b2f505f422def |
| SHA256 | 3a600ed03424da1a32b26e149a4ff481e7f443c05fbe030b3fca8fd2e8d3ebf2 |
| SHA512 | f173e2cf6d0c13593fb90702916b867284340418a6880079aa305329c470cc024ba86e9420c2526c10b5a3923032a1b8890c948fb3fc4f3e89537c61716000cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7b508899820079f3_0
| MD5 | 32bcd795cc2699dd5316561dea3fbf18 |
| SHA1 | 43110afe26a54eb66ccb881c18f4dc40ae9cdfe5 |
| SHA256 | f2a40656717eb8a7a6e86920c41ccd8ae323a2a95d7ea04ff0817c90d5572953 |
| SHA512 | dea4c11e713f6aa0e543b622b0c558fccb088c781dacc780764ac028c4059cf3f65df5351d35d744a95d4b339fb7381869159a0adf6356a697fe60295dcd4651 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ce91c7d3c2c2734_0
| MD5 | dfc0157eb7bb2b0d9b3de899fec8c7a6 |
| SHA1 | 93b0c4e1b7ac9212a657f00917c9e54c9d6245fd |
| SHA256 | 5312cd55bab5c9adead5a78cc875be3d52aa6bcf2684f54062a31456fdd04e18 |
| SHA512 | fbd2135a114e546f18efef26751b32f3107f501a08baba744d03e0a1bee7c2805590ec0ef84d4c54546397c0368200f78218ea61f7c4abd1f5363a6d2b3b0438 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2bfde39962961371_0
| MD5 | fe8549a6e5784f9b634c206de22a4026 |
| SHA1 | d8beadeec59548d4866ddf78f356297ca767c91a |
| SHA256 | 62c5b7423aa8225a70f75260e7c794df434fa2607e276b8323696fd4b88d62e4 |
| SHA512 | 1d23c514bac771dc9ec1f00026daad8b26d011435b1de1c6bff07e9acc7a17c3ef9bc2affaa4ca46589bbba2f2e91630b982b0284861b5598e7402d30452050a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\83ce1fa1b2fbf1d5_0
| MD5 | 58fecaea20c01f6257788cfb0b382370 |
| SHA1 | 4a4e93e396b3677b99271cbb69258149902deb11 |
| SHA256 | 67e6d66019f803b7db8ea7de3a2a26a74eb827b2470a81c905d65b658151ac66 |
| SHA512 | fe25f1f7ad8e72fa801bd3da5fb5f00d206a02ce8753b05a68e59f7b0cb6c3700706c031b66c30011c0274382872e24be184156d8215711ce9b552edce1b06fa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 53fcbd03149fabdc95fca745f9611e84 |
| SHA1 | bbd73a026098ed4b725559b436479bb8e3014d0c |
| SHA256 | e8fcb359a9ec2fb7a8772dfc9ed085da095adb8ba5a0f81857f4da65d7a57066 |
| SHA512 | a527a25af40856c17a5df7ef8e2ee1f2dd87d2e9101cf6e65ffd5fc37b79c7d9b22105f581824c28060e8ebb18241e136e6ac11cfde6dc7e033bbf782f9271d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b50630ea90866c6413366f7e83c6f374 |
| SHA1 | ef83ae147d58753978f2ba23f292563de33ae8c6 |
| SHA256 | 56498bb1077098f5426b6199163dbd9ba490740aa7daf2e99dd0d41fda149f1d |
| SHA512 | 8d2301461e5f5288b5212db5730c0520862e592413808a3512e29ebad4cd1cb9e5e6172beaa300c5d95b884c25d07607f0e3ec9ed077c1a6cde007f4b990aa10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2367e205d5c3bc029aec33ab1fa2b68b |
| SHA1 | 609858733cac317a34662e2b27b40d6415ba6a46 |
| SHA256 | b83939f07fc53489abd3d0acee753fce6ae9a9bf74cefad4bb81f100db533bce |
| SHA512 | 9123cd37ff6e05672b4eb78b036177af88176a66f8c7c73336f9a3ae87db07abb2c2aec48d158777102ee31070d9150c8668126b3b6bb04f444dc513b3bfb6d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fbfb84bb4c1ed4223788a9661c449124 |
| SHA1 | 4d9475ecdcec21e1ffe2abe560c58d6c726229dd |
| SHA256 | 02f1efad2fe3b40093c38eb3c57b4e17637fe1c2d77a70f34e78c61c37c40590 |
| SHA512 | 36ac78d91c0c7882430aee1bed97d3da0690c25b426f1f9ebc3c9c986d196a573c681fc6fb65dc7c3d012a9a2673a2332ae129af0628b94fc759c881070f3bf2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5c61ef283abe375419f7ce1848bc1c13 |
| SHA1 | ce6e1032c14faa4be29ce09a448d245d12930d1a |
| SHA256 | 541336e00e3944ed5a7976aed04acd7df051893d9a6792b62f64bd6eba66c3f1 |
| SHA512 | 699b0864f3798a83948f0151bbe83fd3085c41e639f8546d1a23c9f8f29cd03a1064034e51b71c257fa3f6ccc315fda25b9b53b8398fe7070d6480c01ec2c10d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\f_000031
| MD5 | eae2bb98b9e1f8243fb1631652df1013 |
| SHA1 | 04221d37f9828700850eb17e03ae079d3624e227 |
| SHA256 | b135bf0179503ed3057700dcef213a5121ff849a7fda78bca9a467be74f9e64c |
| SHA512 | ee5ee6ff0e33f78619c05299171981b8ed584545e1a268c749c96bc7bd1f77b77008327eece7ba901810467279e72e1eade8da44afff48bf922632708fa37a32 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f087f6e3c9205437def45a229eac48e5 |
| SHA1 | 19e1722bb38a8d2afeaa4480b7c482cee9f03574 |
| SHA256 | 25b577beed4873c71911ac23448fedf253d34d1c63b0743356790b06708da13d |
| SHA512 | 4970f76a9a97e83e9aa22b36e8ee82f448599362dcfabcd094138a7d7b6b669e255fec7e62a670f2d57540646b36f6d21a72ab8d8e9386c7b446183d768e42d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 28bb5260286dec722632326a36e387fd |
| SHA1 | e3771ea64db6f2c9008827f6dd24319639781947 |
| SHA256 | 942e6dd18800a604f8a050670d55141245634e905360b60180f5a36cb56a4801 |
| SHA512 | 68a1cc365c6738755892bcc7c7b320158d70b0187012ea67799ecf0e3a82bed8fc76e6f7173bdcd57bf0ea2bc8627736432ccccfead6cb1caf0cc248508b8a57 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b97f5f38bec6183e_0
| MD5 | 247911458481b1e012aa49e74f9b682a |
| SHA1 | 992eef98d7c2b9ea287d6bd3018325d4ccfa2f25 |
| SHA256 | e30c4f833783f05108329cf8c3e0aa383392017acc2854c6db50de68c0af3968 |
| SHA512 | 8bca80466e5287d7d79bb3085722c1f6f0de550f15994bbe964a412d161c20f8cecb89c30ce2995b71e3544eab619481c5ff2a21d98d3589bfb36f065bd719e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\93d331e3a37e934b_0
| MD5 | ba190bc68db1fc68c9edbddb067cbc51 |
| SHA1 | d1abb38b42763817be7168b2ee5333c0938ff489 |
| SHA256 | fb281998a3bbe4cb50f58f8a6c8d3a6220100f4205799ffa934eed4d72db79de |
| SHA512 | 5e0cb9705ae89eb3271da9f6e2f20a89bcd6145b50842cbdb5836e38d7f7c1b3d5ed704ef66981166ed52068c829c6000d2af3e008460780f19a7dc9f309d4bd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 20699e056e457c1525647fe70eaefa21 |
| SHA1 | eb493469e372549ab3101193527b861f18d6619b |
| SHA256 | 095e66d2416aa37ed254e81f4c3b40164c1e85ae018e9dc49d084a31b9f30565 |
| SHA512 | 74619b621a0c0373cf1fe3b3c913cb42d18e71fb899d12234b2c55188de9649c575b7a9962a2b3e3b8f317a8ae584a37f06371a1f4cab7335acbc0e4fae4a11e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 1e768f225c61e612f7b62b4970a84045 |
| SHA1 | 1c29768d147afc268f849909435e2e357ad57be5 |
| SHA256 | 9615b658971c4900507b7be6dc5ba05ff048bc52dd4e8a71904e4ff6d248c441 |
| SHA512 | 9346b248954887653f665c054641d37ce2f031ca2aa467289fe4249e9d2581359b2b3d04659c8a5b400f5b2d840500d7a72696553762fef8468c98435f5d6ea3 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 80a110eec7445957ba4df527d3b25ca7 |
| SHA1 | 39243d7bbc251f2a0e61176668032299803ff20b |
| SHA256 | 6c972050d9051673ae69908df6e6c5608210db22e0e640e6053f91c11af9e30e |
| SHA512 | aa057d80146fe1b2e39a449de182b03eec6cf6060e5c70b656b82d249510699759a573bc0d4ecc3b9b73de1da50e50c8b4a9a442219309fe0f296e1052b88321 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5953655b391b861c0d83daa8da458d68 |
| SHA1 | 14a809dfda672d0ecbea5796d1dc158e693750a7 |
| SHA256 | 39d4dfeffaba41df1d22ea7a921af0bb6dff5fc6162f11f26d8f6c6a23a6d1cb |
| SHA512 | 0fe5f54ee20b2b5679807a56d8c807b237c190f6d82a025c24b2f1903381b4835531622e3a9c42822cdccb807b0414a299fbf39a819b9527c03e7623564af8ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6af270919ffae470_0
| MD5 | 3f2ce80fc2ac8cade4715faab1092e8c |
| SHA1 | 99d88f13f61cf1784b33085e6b19d33e6145e008 |
| SHA256 | 9fb8777f21e6d7e3396aa6c2dfbf70a776ece99273e50c55bdcbde5d177b7034 |
| SHA512 | 31bda96a22466c9e4f7f9fe1e37f856bd711902fbd994aade28e4b7ea230d67043cb1d0bc2da72873ab0d0d4797febc1dc9318722354a71745ed233cbff84206 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3ee6f0030e5128e5_0
| MD5 | ae65f5733709e97eea55fba9d3d6ce2f |
| SHA1 | ea82b991fa31faaeb3ecb2032db168325a1e9b2d |
| SHA256 | 3c6c4c47ba8d5ccd94cc1d350f42eca3842473a051711d50126b524ddfd5d9d7 |
| SHA512 | f368deca49315c4e315d8221bc51755d6ae09ae0048d3db0560902e1d27a7fd9666c5a0a12288cafd640c92fa391176cc427a87ccb45471767fc673f646387c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2fa6900268c3ce3_0
| MD5 | 9432b3f49b7eccd9102acc5d15499acc |
| SHA1 | ba61f5c66df77577060264c7539fe19728740742 |
| SHA256 | d9b1345f02ad3b0e33b16211f91da84fbf7f960cc5f2e6013e9a5cdd9f33e70c |
| SHA512 | 554e0bef037a1007db9faab9f87ce55f12a735e1773b339abca1cc5364ae6eabdb45d7918fe985e1891d3bf1ef6a139aae7ffed3c0769a07e46b36ffb8d7d337 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\225eeeeee166f9cd_0
| MD5 | eb6aa261d4cca41e09772b9254a0f084 |
| SHA1 | 6843b3b6439821d1167914844acb1423f411a3d1 |
| SHA256 | 4ed2bf7454ffac313d004a129d9728ca94b62eac560f2dfa5e1ca4b88e2705e2 |
| SHA512 | 0d35a63895de9dcaca9d10b7948171f6513f5773503e2871d4a14364e658b77d12dad452f3875e03d9d8b4dd8e898bb029ac4532df7b3ba31eea9cf2d67cf44a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ba76dfb33cd7b721118199526b973645 |
| SHA1 | 63538b6e2945f48500a4689cfe072e3f18540f68 |
| SHA256 | 2d21a8687e32f043309a7d0c110824e4e1fbfb1ebbb25be5b937dd84f3e67c53 |
| SHA512 | a1c98ece9305fa55819c4bc429c461aea7c491d019937809bd7cadde2249f75d431e81f67b01d7820aa353f0a7ccdbfadd5f930e340af5d85ea3affb1effc4b5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 526ca4ca8065c89cdcd56d29a00f3fef |
| SHA1 | a3b4a86710d8fb3fece21f24c4244195c044e8cd |
| SHA256 | d2a2a10c4c53939c4604dcacb52f07baad5e4a7bd7af25eb2c1adade8ee747a3 |
| SHA512 | 6b90e288fc359d9dd093df3b9e2af8970e153b6d4898a44ecb4a828a3d11f11f93b92588c51ff357092fb8aa66ba6d8350c2a052100e4733798a3f5a1b09ed9d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 62a6a6642abcd4bdf9c95ce2189b4db5 |
| SHA1 | 70633a66ddb2eaf4ae570bd150a8b69b2251933e |
| SHA256 | 218918284d05066fb3f4437b4bd3fae51d2944c369b61a02d3bcd1e573c557e2 |
| SHA512 | 865553d22843bb314a923edb759e7291b0352a091cde4ea1222383dae57da5a0aa69baa12a256247d33744f93db162878a0acff4e757060f8f671b7300455da7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 55d9333193befddc489b792f250fb867 |
| SHA1 | ecf97f348af2f0db7cf3f73919dbdd0add060c5b |
| SHA256 | 4cc23a99c4603e47f6c439224fea0a9050033ab2f16f7036a1132f56832a393a |
| SHA512 | e5f9d7ec5a41b75b886d8d1c99df1e3e4aef29ce3e4c4543562ce5f53e7b3bef71dd166fd4876d7d2d66f4d1722cbabfd23953c44f19183aff9dd3cf8aabb5c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e24e227fbeea57a4f1d74a8eaf0d3d48 |
| SHA1 | d5635be2e46779fe78c9c7894c586b35e6c30235 |
| SHA256 | bf4e61676021e78f408bfc8d94d644b15c3caf575e135a6ea92c961b8e049759 |
| SHA512 | 9361e52d93cde53407669d2b1c73ca4d91f5d5c31bd70a5707a24f24f04491887f14680036c1ddc4135ea51ec9f75dba4d9d6b6792b1d50930df6e0cbe8ee7cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 60a216b9c07903101bffec09ef6320a7 |
| SHA1 | 043dada3ad19606f5a4f123422129f4d7dee856c |
| SHA256 | 708dbc62931f2c9ea95dcaada9f252a903bb03e988ff3cb4cd03b06caab97346 |
| SHA512 | acb47cacf58b0327a949a5f8f0b7a02194219da0cfca8ff980884265deb0a88930472614d8538ef75d992e25c0966b656c45b9e1c182d28bfa821b115fd8da36 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | af3f3dd643669f93cc5334cb589f0003 |
| SHA1 | b5877265bc9db3683efb2908ff7157d5e4fa4fe5 |
| SHA256 | d22e9e930e5dc0b53b6d1cc88e710a7271b601342acc2a1c00b607794b6de2c4 |
| SHA512 | 9ed01c0730393b55e6e63f79fd65b29634167fc8fea605225640c2e0ee86128cd8ef4e01472cac4135d090c55139abb009f2bdebed19d05d9611466c6d34b7f8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 00335235a363efdb4aacbfc5c9e39056 |
| SHA1 | d2f3e5432da4513d44996b13ac43f40b44bceb00 |
| SHA256 | 147be681597b9843a84201fc9ea14fc12f52e03edb17eef4a27b87615b0940f1 |
| SHA512 | e17619d25a65f8520e9c4b28d54f0a39ae283479035f45f1aededabddd880495c3afe929b52ffe7d75b0338edb107b29088d56999d6711b3b4f670c825141f11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\JumpListIconsRecentClosed\9357eeba-f8bf-4e66-b916-b7fce7740876.tmp
| MD5 | e0485c0d743883df435265f51f5934ef |
| SHA1 | 2be1dca331fcbce9e08f7c58abc23a49988590bf |
| SHA256 | cc284f9755742791d39cfcaf4435a39c727fd8469bbaa647809f3b710cda3cd3 |
| SHA512 | b518d0774e6ce8cab200d741be0cda0cb3905fece843bd769e0b64c437a903e204b5dc0fc6544b425d86861969a58f7f2aa589eea8584ab60b056183c1b551ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000141
| MD5 | 3eed1f2747b1dfcd010707087c176785 |
| SHA1 | 74dd2708c091bd7342229d70d4cfa068a85313a7 |
| SHA256 | 67a6518dfe79d127eafb639ef9c2746205906dff06f0b6bd1c9c7d5e75915088 |
| SHA512 | fa6d9b0fc41b2331595e0235d6ff1b802a40dc1069fd26a68986a7a6606a137ef0c0cadd3d676a6b0f90e608581c5028b3557611992ca084bf02e7598c609e18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 06d95bf7a6907c3dea9e74ecd5e1985d |
| SHA1 | 24a376f23acf9163e93c7fd5a5d1e2fa4a3d0383 |
| SHA256 | b43af7418751056a84db2752b1eb4bb9c5aacf9621a22c33ae3c2f903561c1b9 |
| SHA512 | 194683feaf57272aae14f724cca18ccd29a542fb2e5ac489b98e869f24ca3f1257851157de7a68fd11e814a19bd907deeb3339cdb14902c035f3fea9c8bb413e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0865c87dec25889a2f64b8e28fe5b561 |
| SHA1 | 80d21215da8541fdefb1bc2319d3f5392053ce4f |
| SHA256 | 4f5d44d490c7d0d5b4e1aa090a618189abe26649446361b16ee84546b2b1ae83 |
| SHA512 | a813283cdcde328d36d4e6db7256a9c6296b6ac9b0bc241283837196f5dfe617eb8619a906f7722f3628f1dc883d25a2c2b5159ccb6dd3080d27b4414d8c1ae3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00011d
| MD5 | df8e486c6f340d4237f3313cceb26345 |
| SHA1 | 626b6102d1f9dea6f70cc25d694b6f90a31e6d21 |
| SHA256 | 386eb10366a78e52f31ff0e5cdaeeb480855700528bba6c75ec53f2d43dd4d6c |
| SHA512 | 6fae8325b77fc0d75b9e9848ba6be151d28e4382c2389700e9643015eea4e0a5365c363a271a8312a51d7026e04049dd61cb058ae7abef8be861b2ff91451278 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6723311ae2cf5f1c_0
| MD5 | 1005c0a80b90c5ce1b3bcca24d42804c |
| SHA1 | f1f55fd0d9dace26fde47689cf29ba354893db33 |
| SHA256 | 894a87b307ec7bf068e61b81d84e736351fbd6356e73f1934ed50f4ca743a1cf |
| SHA512 | acc3d3106e23391723f36c5c3e42060d99f8b7ce3c2982489c2a3ab967a601d9702f21935b67860813fe75188801061ee1adc940070bb005e13f8c45e87b5ac8 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 18fdf35ce079ef02720bc6492e6f9321 |
| SHA1 | 6ae07d8ef1f21e3ecd63891e6bc382249930fdfe |
| SHA256 | 14d2ff7585736c9f9b3ebded03439f1de151e6d691bd75f6a7d56be7306d66d0 |
| SHA512 | 65f21839f44baccaa791e1296981d88072da095601f61f359a2673a4f1edbe3138ad2ed015f8b53ce7042c14ef4867de3245331fd942534f3b4bd214920ba2f9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6a45dbffdb5b5dfa58574b7f7c31e99c |
| SHA1 | 0bfbdb5adb2fad07ccbdcb8a340ca3de940af2b1 |
| SHA256 | ef82aaa35c3ae6ad3286afb3046e2c024e70b2ab5a7a59d8c12907fb393e6c25 |
| SHA512 | 6b4a2d9e5e7b14b6f2128b2ad39e7d04838fd02979679a27f7379ced5b0ba84f6b67c819fbe3a910202663da4d36c91a30129042b8c8a627804fd62066f4932e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a00bacaa2279edbe6c198f7006762f1d |
| SHA1 | ea2fcc97ec53dfd53db12fe0e6f728a5a2cdae88 |
| SHA256 | 2fa568874caf849fa94cb2a1f1307d96d76569f3aa901769bed5740b4a2196b8 |
| SHA512 | 120e481342482cfc930a09bbfda50bb585805eeb4bb1f7609fa12d940a4b2124fab6c6164b723fe04ffea92d5eff0a08019002e502c1579aa96a60178cc3f4c0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e0e65d2c122db57c1a62715638c8238c |
| SHA1 | cdf9391b78ac836230f5d1155b96dc814ad554b5 |
| SHA256 | bfed159b180c991413271c8cedffb8b5ae56a4b9e9ccdbffcb569c0f44dde50c |
| SHA512 | 6e0b503724ebd6f06e133340176e27f5373a41f00899eadef4ce70f02e969fb026e144e2e151828df7b7daf42c40a55a3a861467e213e2a233c41df2c0e2ebce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00014d
| MD5 | 7820201f0db0c706a0ea5bb7ce018ef2 |
| SHA1 | 6d116650afbb3b25bfd6226c7d5ee00dd1fe4515 |
| SHA256 | 04f262a5cce0399379de17e5635f1e1acaf4371afe981edaaf792625a682c44a |
| SHA512 | bfecb88d8852c413525e1e1bdb3eb69c97a10e4ff67ae3ca5eb97fff5a2ee369a1b80a0d314440a375d0f9e950e0e970a6de6afed09062d8523ca28ac878946f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00014f
| MD5 | bf6932806538be17b488fd02dfb7d3bb |
| SHA1 | de91359b368dc30c8b18ec7df8095398639f0615 |
| SHA256 | fd595f23cb850653f27080296cf9570e0f94332bcc6a68a1b02b9f071b1718b7 |
| SHA512 | 231e1da24cd32a37bb0f9005c953ff8d89f1d67523785ad5e33c26a9de99e6a0de9eb043750b95419f3bb109532721c54f514eb240fc781af3e81730ed69ff9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00014e
| MD5 | 89a574ff00e6b0ec61d995d059ce6e65 |
| SHA1 | aea09e96808ab77165ffa712eaa58b8f056d0bb6 |
| SHA256 | e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44 |
| SHA512 | 30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d0c3febaa1707f1d6b54950b07ba129a |
| SHA1 | bff2bf87598029a6d12f82a27cf9366e13579b0d |
| SHA256 | 19fc81fdd0dd69bf535872361f95ff89969d2307d07bd274c9a292456fd4d6f8 |
| SHA512 | 33a3b57554108459ad3498aaa01d3224d3b9013f4e50c6fcbc0a22e172360550afa586493bcc42539adbfd78b31cf6ec6db166fb30c70684c1770408119750de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2352ddc00ce694634d1d349486fb2f2c |
| SHA1 | 0cda3608383d3483a55da32329e01a201a222c8b |
| SHA256 | aa52fc39cd18dfbd282140b9ad215ae2c6d85deb5dcffb6072ddc6eeb159f2c6 |
| SHA512 | 266d5d544717d8ca795a45e4e49d14aa1bf4f7e7e50ccc6f91dcce4594074280f26a633ed7d442886d2c46a916e2edb61c9eac627a79e352d731b9da4e010f10 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 5d80f97abad75542605a59b709e5fddf |
| SHA1 | e3151fefe05c694cb943bc1801fd333baf67f519 |
| SHA256 | 888927d8cee9fa5704e98e110724e0bba02c6a38899323a12956fbbb2c608aab |
| SHA512 | 54ae94bfd7d75c4a205e7fb33091c952280876c5c6c8c8fa76c645a6905645f6c8c48be3f039d93911495cae5db4d0cc9962685e5e7f70f91906dcf0884d829d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 47356f236ba8a189ffb2bf2916dfc65d |
| SHA1 | d7ad03bfa302d4fb9970bac97f57c9e96701dcf8 |
| SHA256 | bb9e4d29685434a42c6a44b32e23bde16d81692582e1237a2e4048a36d4eff7f |
| SHA512 | cba6d72f31628985efea9d609384ad84c5367f4814fcced9739ea8a49c8a26e17f367d0c0492da60466f7f16816ba5b6a700792ca9e59eae528ad465ed7f792f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9306589957723f3e414f9771097ed9c7acf394d8\4b4b16a9-000d-4103-97f6-d80529effd3f\index-dir\the-real-index
| MD5 | 476540043fe5da69b1341dd11e445a43 |
| SHA1 | d13acacb1491173c11c8c7ae3202f055210a80d7 |
| SHA256 | 14d73f727dd64745dae1162d3000879b2c6a200791046d1ca41790b432582ade |
| SHA512 | 6abd3b6d14821093b36fc17e541025a9af3af1d6fbd740160633045b0808b9c0769377843720a02586df0d0595d4fefcb3312d3d28569412404345fc7393d29c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9306589957723f3e414f9771097ed9c7acf394d8\4b4b16a9-000d-4103-97f6-d80529effd3f\index-dir\the-real-index~RFe6f73e3.TMP
| MD5 | 6d96b8c8b5f428b49ef0bc47edd014cb |
| SHA1 | fade8cb8b8577e821813e8d884951bf8f1a7443e |
| SHA256 | a7b8cdd1bcede8fcbd9a55c4d63e42d9e8eb8756f4b6b47988e032993b77ffa0 |
| SHA512 | e0b042e1ff858bacc7568275e1acb3f83a3227aa1147619989a2d3e5fc64f1f1af66bf2ee719a77ee959b1d7b26158e4b0c01a2e2414e0d4952102d9b712c893 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9306589957723f3e414f9771097ed9c7acf394d8\index.txt
| MD5 | 2fab38f7f6702c314e0d131b2fca977b |
| SHA1 | 71b7f3225b59f909b6e59cdb2359f7303b498386 |
| SHA256 | 52ea59ccf0b4517e21ca61dddbd3f22f10b6e5168a7cc5298ae47ec48ab4e00f |
| SHA512 | ac8063cb365458bcf5207ed58de1d04bfa7547b6a5e586b7370beaefe8f57c22a7fa5227525b50a25f1f52599296cc3eccdb0716d6b6ab756ab436a0d1000142 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\9306589957723f3e414f9771097ed9c7acf394d8\index.txt
| MD5 | 78f3f7e79362e830bffa1b3e0870177a |
| SHA1 | 078d9ff550c41e1a7196ee53d01ae8b101af2e31 |
| SHA256 | ebe74d4fbefd36245181d8d62a1e81f9385ccee3f1db9e27787366293abee2b6 |
| SHA512 | 69120e8de571a6d03e37a8ea08ba085149eebc419c9f5c1f178f3e542fe6a60d59f0255ea76ff275527b34d5ec7420a5f3024d3c4bdb0aa779175b0792dca6e0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 521f7145c0734f86d6f85cff7540ea41 |
| SHA1 | d1c3386898c75bfdba64aab386cdd6f4d581b252 |
| SHA256 | 65304813c99484eb40aa3cad07b5b2a5945f05aaa43ba583f2d606bd9ec74091 |
| SHA512 | 07c6b546669fd30ce683d06fe41a18a0aaf831ce953dcb0515bb6f9b435985c2d33b76a06395b620c6d95247426c7c19bcd8fc752c8e8851c8aec9728620bae5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2bfde39962961371_0
| MD5 | dad7bc7f2e4da85eff168000553f373e |
| SHA1 | 809bddc88a72aaec7343e700ebf6cbdf0ae23576 |
| SHA256 | ff36631f426a8e7986db4472184418dcdbab223a8cb6f9e103c56809579fc608 |
| SHA512 | db9d66fdbd37e675a8f36e5be3f6b2b72b816a69ff5e7cc7d2e63239c26c4c018c3ca49d73159a19f5837435d1287a608fe65bed800c684b22a78e9992932a16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bf3445225033fc0aa60ca1999518c100 |
| SHA1 | 294107f02c3cce8a4e99c536ff558f742bd83888 |
| SHA256 | c169e7a7be74a2959133b589c254dd5c1966e7f62a6721ac23af9b477647beaf |
| SHA512 | 8857a1f1e382b89c8073d9c3fac0fdfc35c634fe0f39d15c5357143a3f03aa76ea498de82d8647afb8a0dc3a6447992a7e5f553df959f08208a5b6d995c7a3c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | ba6a949d0ad853dedc5fb2375277b61a |
| SHA1 | 5d9469e8d9dbf936a68df5a38b2e3d725a483ff5 |
| SHA256 | f65bd5cb27cef20e33d03138d926a105f41686c2b995cfa222b0aeaa2d6c5cdd |
| SHA512 | 0cb64bd1093264b20d4fc1d6d205c83c5424321116166469bc0fd584062299c3abc81f5bb485aa9ce5e17b404c0c7b1c60290894511320d56cbbd9e26255a5f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a56e2c4d2bc8271df62b0d5a7c65efee |
| SHA1 | adb8f25a3f557be5a0c2089c38b97fa6b51b83aa |
| SHA256 | 5d71f3acea8af78433befca8e6652571c3b1911862abcefbbb4630eca2872306 |
| SHA512 | 560be02048d43015e481e561f35e9053b35e28f675ebeccbea901018a5bfea6b41ab07a8a4174abeaeb954b537ec2adfb3aea3a71654a06d509390c23a91d855 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b10fd8f5b56946339234b09eb4d34f16 |
| SHA1 | 8565b585ef4282847c44312c449f1ab11d993f18 |
| SHA256 | bab841708756328e2103a2ea359cf76d8b626ed18c2c6e6ade44d678c0b4c965 |
| SHA512 | b95bbf9d4e95faa9159ddf6c6f4e25a62203cde9c2f406e2bdb752b422000384f0ee3c29a6e573989edc3223061627b82677478ea4a98459f24ccd006849190e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 86b8f9fc2d45d61e53fb33460d6a66f2 |
| SHA1 | 556b8e6802ab659a2805410d2ec6afe42d58d7cd |
| SHA256 | 856b8b4f4166a1293129c056c731d5d6a5088a822e6be39c52deacfeb76f5f44 |
| SHA512 | 35c6d07b712fa5244e792255b2ac2b6a9d3fa5319e733e20d2ea3f1efd9504fc0a4ac22d9e5d607d7948bb3f401a48f5e233f5ade26d6cef9f77afc1c424370a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5e6bc9a817477a85_0
| MD5 | bacf9e462f1c27bbc6353fcd7391fe95 |
| SHA1 | e5968796a3a774dad00722e4a63a6086b9042ef5 |
| SHA256 | 251556b4f2df984e505be9effc51c6f58ef379bbac7643049d684dd5766cc81e |
| SHA512 | 88b2fe3f030d44fd7de1aff8e1b9fae4ffbd5b6022ae98a01a1e67b8a277c1bb20b0b0a200949f9b8b2be3b61152e10287f0cc5b4b820c49be712703b79cd27e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\6692dff8dfc5c0ae_0
| MD5 | 63eb76aee7882322af53b29c4220290f |
| SHA1 | 7d9a6972b41cf7d14f215fb9c9ebb636856e6cbb |
| SHA256 | 8eb5bdcd2e819688b7d4ac16c3cdcbac719d8c35cd4322efe266ec4b1af43661 |
| SHA512 | b81b3f492ec87b1c698b666f186ae2f210764efca2faaa7ef462fb0ffdb716c2a2aea2f0ea07c54bc9ca49cfc104fd3fa26b53a353aa5b1b2b9255824e3a8774 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1ce91c7d3c2c2734_0
| MD5 | a9b2216cdf43422c5246d95fd13061a9 |
| SHA1 | b8ac31bc75c9590dc0f0e9f7138b891ccef9ab2d |
| SHA256 | 25b3c0c2a4215084d3c8b5f349f54c5dcc0ffb888fac6cb18cc6a0609ecb6e19 |
| SHA512 | a9080618bc1a21e4225fbbb1cd64607e7d7b683c56a66e0e23a3d30bd3cb4894b67119c29f2f6f849bedcaffba42fc17b5f27090d731c8c9f0b05fc3666c2e18 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\258750babf5d91d4_0
| MD5 | f017d63fbbad0eb07476ed781740da12 |
| SHA1 | 9463d75a71d6692de63ee55428320104c5f5b0c4 |
| SHA256 | 7f91ed154498c63bf62cdaba6d0a2fa6c30c906fdade23a7c13d8cb6fd9b3cb9 |
| SHA512 | bb5ea9d288dbbed6c6be3661527ecda885fed6b3d092ba2265a04837e68acab837e1aeb5f7c2e44e10947603342c545ab1c8b8dfc428a7b3089417c9dbdd4c1b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\580ad99de3363834_0
| MD5 | ff71a5b4e44890eb2285e72af50381d4 |
| SHA1 | e9ef7d581a940dfb80f12e06b9745911066ae88b |
| SHA256 | 0db1e2160fcafe1d904b51c38e5a4129d279fc4be10b453d5fe1919faba52db2 |
| SHA512 | 9e80355cc37bcef9f22164227d27697c3962493c3874e2a6756958e764df0b5c63b7b0b84a768c50d657fb4041554cf6cc26dc26c156ee552b5964f77d496ef7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3ad860519fb87cb5_0
| MD5 | 50591c4c51c9c9af5423b60e930ee5a1 |
| SHA1 | 239f40b6306a3cf8917007073e23a12345a8f28d |
| SHA256 | 288990a95d9efd49737bb8b948f66dfbd85eda6450296a2cf7f90bc2e322e246 |
| SHA512 | 11df5398a367d02e7de3994da5dd5d14b73f0e34d228eb1d06f101685541eb42ee0626f077988ba98c0a4419cdac4c0d974b31fb54035d35894826c6f20d0abf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 4dab1a212dd64445a2924959d9c54095 |
| SHA1 | 6c2e394bc3343e4ffaba8d92da43d3ed1a2eac55 |
| SHA256 | 43d364edd386a983c0fc80119249742802380b8ed3793ea9e1ed923e7985d968 |
| SHA512 | b73591a5e147959721c7612d95d6a79d2b3b13768721c9681ff052ef1ab31c4aa300ac43f221e623a31f8c6134755a87b5fcc8915a9497343ab4df4be7ef5f6e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b5016a7bbae9982e281526b4ee929ec0 |
| SHA1 | af902df78dda7d2960b8e6951541295b5a5f929c |
| SHA256 | 1a81bc889eb3d0d850eb3c548a94c885d615ebd1f59f11768a749453f1ba12bf |
| SHA512 | 719a2cff591f4be921199a323af77d1099f67c44b67507881cbf2f1cbc18d54aea98041a815720aeaec98b9c7651c5aa684b198f919dd918a0a52c478c2069db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\wasm\index-dir\the-real-index
| MD5 | 4244eeac12767f4303ed6531bd768a03 |
| SHA1 | 65d6392c9382344e718167645b4be1903d29dbac |
| SHA256 | ec589d17307e5cf91e05d318d3b73fd62413772881d98472fb106627f61a3d65 |
| SHA512 | b80e5db2eee13f151da4ec7106725508d0b1511a6f2845f3b4fe98a5c13ce0f07f8653894949304a28703908d75103ac2c4a8e608c4e34d704383271f5e09b25 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | e05600728f95a735f2310f9f7bf6258c |
| SHA1 | 1b70f2d0133ef7957da3c113c6ddf2321b243b59 |
| SHA256 | a59e4b8eb65be514bb5ea99b498cd322a15e7aeb2d8158ca4b6f409e51f98a44 |
| SHA512 | bb4bb186acc0d88c62af912b45288336fae06755c6195e9b8c3a6bb8194275bd4fbddef5d81b329f41cfa84c7e533c2c700a548ebc229804fff8f617e5e673da |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 25b7f0e40f96006fb576d777d3afd3fb |
| SHA1 | 32e76a1ba3c7f7f229a8aff47a04eabdeb83c5b4 |
| SHA256 | 5a2c43e19de6c5d66e9cf07f1aa285e6a176a7d5840341133c6cb57492a64974 |
| SHA512 | 5bc0371000a258301263b6c9d0b39ffd73b1e620670d891810d0499a8b20d37df0f2c1478511cb7f0024fd832e990c4510f42cc64e55468d0baf1d72c1adf40b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d60255cf53ec62e17f069cb641f6aa0f |
| SHA1 | 9f27cbb9ba1a389a72bdb1f4b98a3afa8f1f1d81 |
| SHA256 | 4bdc79e8a9796de2f27e86783d4672ab481e70cbfc651812868553960457b648 |
| SHA512 | 4ee63f55f8c4d821de154a0b6e55b2957e89b34f2475a7a5c0b2f04692cef0ac6347e932e4f4f7ef2ec43f0cb7f87de5ae5b3b235ee3d8eede1b418e0495c1c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 4652b34331983d514e0963d8ea071f67 |
| SHA1 | 1f6f09deca9754f0d17bbd4a0594002e30e5e934 |
| SHA256 | 723c873db6ac219e20a0bd39e8d47fe8dd40325c28e66c3b46ee8bd052df096a |
| SHA512 | 6dd13f3a89a717ca1ef5ef27129aa83241d9042a41bb4c8bf3bad3f6bced157aa4c07b4e5abb0cc0c7ab90ec1cb4a6d5414fc071b5c200f6092926bd19cb8a82 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | f98ff74bf68ccee360f54bd845d4b71a |
| SHA1 | d28fac25d4d0550611427fdc82a5297b43f3fc21 |
| SHA256 | bfd83ac35596847d9a0efff4729ad144b96c1a6aa8a3ff83d5bb29efd36f9029 |
| SHA512 | 3853a5464c6ebba09763f4bbb3cdf45947e22e5de9ffe6af9bc6ef26e9f067089ba534cd880650bd7edce22ad13b702387b7c444279174c5c759d2499ed95a11 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 18320911741ca849a644cbf36754c0a6 |
| SHA1 | 0f2bc629bf96df680a6c528a561a4c533a38d16f |
| SHA256 | 6a9f7c815617e61a589d41420d81316fd6d762f1f43b68ea7665b85ce964767b |
| SHA512 | 8cba4e241ed743962b3b12e7beb232a699347c1c691fc52bb2128544ec0c1f3f75a075a5142b6c116fe4a6c8fdb3b808c0e51a7ee420e4cceaa61876debc35ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 959afc93187a1e6274fb72857249e4c0 |
| SHA1 | 6f758c1a723ded15353dde049e775a4e8133534b |
| SHA256 | 7e4c8f0e643fa40572a19b86dcead6282b0ce0040ad4f57d9e8d72a7601dfcfd |
| SHA512 | c7ce451064122104a2b9d2026644e59e5ca95f698c7e59ec98c697e64fc03f1366eb354fce32e9b2497a8beba8f00ce24b5b12df80ae766743ca69a6f6627523 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 2ce0a3f4125f26bc296f66267ba00bd2 |
| SHA1 | 5aea22fe06d528b9a2b1e479440138b211988fa9 |
| SHA256 | 1813a6abbb133ae812137916f72e7244e210848c86e8925ac31baab595bbb5ed |
| SHA512 | 6b89e28ac021f4aa01447d29a53f8bbcea0b86dc1968cab7fc0cb2595678a8ec6c96001cdc8ef50c50ffa2edeca7a049d456c273015ca02b834e93bd0ba979f8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8bfb748009fe19145a07e4ce2508521f |
| SHA1 | 0b9856f484669fc14d752e5f281da93c7db89dba |
| SHA256 | 8f0c854ccea71218dba56adb83c3008e717aaf984d7cfa9d7882057351f87423 |
| SHA512 | d784aa38e14ff3fcbbbce83d3c420c950bdc5ebc80f6d62a7c095087ab083b2ec36fe070dca43fae8687a9a2b5e193011058ccf19039bb2fd369689c1d02f10f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 295f1fb96fcd8dc272d2155a785e221e |
| SHA1 | d5ee09cd5a3ce41b742ae0fcea193bcf6cfa7fa2 |
| SHA256 | 4ce8dc785742bc0a7065add2baf19597a3765f7383bb5a085bd05f302442d299 |
| SHA512 | b17c8dccd613424f2209873e4703da40422c7efc18ee4da9350700351b59c1c4390aa4a415eac694ff9473cda032197e427428d145edcc4723bc63daf281ed08 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 90bc35f8a149b03097d3a3d251b6f690 |
| SHA1 | 82732fe7f021fae306c339f23d1a1e7627c1f83b |
| SHA256 | d4f4928f7e0f8c27c5e70cbb1c3621c4c764770d499a9ba0d6d7e587d990dd57 |
| SHA512 | 14d7772930af90b907ccfe2c5e844a3f4ed1b417df69dfd8f94c474bfc1692b1f690bfc3bed2634590a25ca0b9462d90e5ee70f0c8f2583af1418843efa3fe09 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 9701d5c8503fcbfe2e8475d8daa0ff28 |
| SHA1 | fc4748925afed960b2bdb2100e67d10c2ba46c22 |
| SHA256 | cc538e08b7577779d9f65776f719a9b5de828068c11a4c67b9ce7d5305a70085 |
| SHA512 | d4940e47baf592ae554e226a00c57b6adaf813f341f9f14bbad9e8ee8b3f193069d51eb77a29da54f9e471e34c58f9f1ff805427c7376c4129d5844c02a1664e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\blob_storage\1b9a169c-3b3d-4b55-806c-8aeaa6bcdddf\1
| MD5 | 7bec04916ccbe6012eb5c9845d92a4c6 |
| SHA1 | 1c3aad50d47391354bc7d81ee67c7605cd8c226c |
| SHA256 | 07c9b6712ad157f7116748d2ac0dd5fc6fe412a5fbe5b7ef2baf943e1f8a1db7 |
| SHA512 | 30fe826a3f7b3a34fac7d9560caca689d27707862ecb20df23d1aa262c85a66463c2686013b6d7bc292c10a06d0fa1ef0696c23e3ac998d5a1ced8881d05aaa7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d21589523501bdf1a25250db4e12ab2b |
| SHA1 | 6decf301cb18c227efb2c136c05ed8d1a2bbde93 |
| SHA256 | a4e11802f1b64f75f81ef923e9a1394c9f25e0e8cf61daf5cf89099bd90972bd |
| SHA512 | f4852bdfd5f459912523d34672800f9f698dd8a4139255d48fc7bed8845aeda855ea5952acb80ef7c4f2c6d5dc91dd90ffeef284e3fac38f194e572873374a8e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5062c6afed47b79a3ac8036c295052bd |
| SHA1 | 5bc312fff954acc61aa4b794a727f9b803b4493c |
| SHA256 | edd6b6ed5122a8625552d444e46929bb058b6f15853ebc6978685b9207e7bc32 |
| SHA512 | a52b5a814ece4b4e589ec906a9df96318ed1cb169ff8c06405fb23aaac661537a8bb01cfccfcf1921fcb6b9b9161e34fce8b4177bd4bb1cb449ebf7cb58dfc68 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 43e6ecf5890533c9d18d257a47c4156c |
| SHA1 | 5a30fbab6c2f15759f1a95184ae0ee06a3e81e8f |
| SHA256 | dd78152eb01813d90693a3cf539560f88281f06c02c29f4e3b56a145ab20089b |
| SHA512 | bbbd1676a16ee60dc9c67896fea649d29708b883d834c2f94ca5a17c9bd0b9c58e3fdafb847994667d64eff535f6adc35114730943f5e883de85f0a536db4c0c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 69c6accbef14daa002b1226666fbfa1e |
| SHA1 | 8bf47d2bb937539b56c5e31c53589f33bd3836f3 |
| SHA256 | 437873fa386c7661def61d1e7d9d5ea52d9047ef174e6fce45cf55f0b65848f6 |
| SHA512 | f834bedda5edb014e18e3b77a8a80b803c7317d3114f1ead74e7e077601ef17527671bc4fde6e6c2ddd94fd17153e675ba452885ffbd500335c55f1c57b08af4 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 3cdcfe7aea9ea4392f570d4776874a9d |
| SHA1 | 21666acc7bafe43127739fcdbc8104aebef77924 |
| SHA256 | bf9f2cf033381bb6ca7b9a6ff26717f262c7723f2aa5f2ba6a6df737894f2cf5 |
| SHA512 | 983928f02f19e06b6411bc9df6868dbce40e2ab7c65f411f7c671f705db0f2246d574feb4136a1862de042e56a478e28365f753934aa020bd82cedbc5cbae8d9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 85fefb6b182328e47bfa37a401c1d947 |
| SHA1 | db1c7f766509a897fdbe4ccd32f863fe9089285b |
| SHA256 | e1109bda32fe9c81b69a5cc385a0a2d7aedf3f6bcede3f5cf09eedd262aea878 |
| SHA512 | edba837de727714ed40955a72804518e22b91f6333f8a7e24d0d44aa7f737343a481269cbf361a001ad8e988bd1e20d1f360625535b9fa8d9ae7833414ef19d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 99d8153c4ac9484668dd47399f192694 |
| SHA1 | a0b12b17c42663051d4c8b45fd2e8f314fc1ca52 |
| SHA256 | 1bfc860676079e7e3398c701c422b92eaa8711f12879b5909aa06322e3b92447 |
| SHA512 | c827fcaeedb5492e22de9f73b5a22c64271ae7ab8c4957944939b4dce0f42e8b4ee2dcf149f2182ffc8aba5759e1f64531237b3ec31f78bba600608874c997f0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e3aa96a5e7eebb2f346b9fef78803f6b |
| SHA1 | c683e6119f6557c179534b67309208dcea935a07 |
| SHA256 | e5c0e6fd3595f4eb0bc7d90f64fb94e62709aec7deca45764d92495033b54ae7 |
| SHA512 | e149c717a4c77c2c669d7e1bfe22b24a5c80e0386483b967d087e5d5b2c926bb451924cadef047f2b7fd5d71ae8da42fe443f62cafebd2ff6474c0cfda97b152 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 223a7a7f9ced9ce3a8e95769f397ddd6 |
| SHA1 | 2f4635a7eae0dd3319456e7f7792d4e710820852 |
| SHA256 | 9255ee97d73f7548abe8c5b87cc13f9e75b68ab632e415829a916336b3fca461 |
| SHA512 | dbe9de9fe87e2e9a2966d926e66d92ac3913846e42d423fcb241e3023ef18366bff399a97bb75404f1046178b989744e1d4ae3f281ac35dfd48997f654a8acf1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d51dd9c982d450c77d7efba9901767fc |
| SHA1 | 69ada30adbe919e32cf0e600b0e372910e188fa1 |
| SHA256 | b1d3edc5b6df5b8023e1dde868f4f818943b1de356af84f52288671d498fff68 |
| SHA512 | 3f4021156f819eb1f6a8513becd7d2e535bf8a3cad91f054305028a0c66fc5c901ca28a5d2f7b070943d0e9dab53f2622169667152a9e563c1ab787b7bc50fd2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | dfcf5c0a32ce0bbee86c2675b367fdf8 |
| SHA1 | 6788ea795f3886186571ef78cc7b45881245fbab |
| SHA256 | fa23290e8a9bfc762fc40ba5cf485a9de4b255e71ad900b471fd3c86f24557f4 |
| SHA512 | e94212a19a809f4857cc81df3b1874cf3ada178bcf045752392feb4c385592bb1179f3e5da43c71a97d85e7fdc68e587611310a6f0d037100cbcb34cbe6bcfc7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 5a8070b9efd666f1af2f47d8aa94510f |
| SHA1 | ef6768c620be727749fae13d4b4a13083becc685 |
| SHA256 | 9e8ee105d0f25a19c99ad1afe6a976a9b82162ab44e0ab56bef3f47133e78227 |
| SHA512 | bdf1f5ec93baba36fc053eaf9335e13c91e96ed6e1f422ce27b771d43d9edbe61c427bdc41a096ee07fb7fe906a21c45ace75f60490127676a100e09ac5d795b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 452d3cfc131a5e30b63aeee7dbe130aa |
| SHA1 | bc9f7b0e2247e46b8a7a3e767dc02e2e7462cbe5 |
| SHA256 | 6b0b12e31af208e223a68740e509672dce5474b8a06fbb8111f1b5658e83461a |
| SHA512 | f7647c83ede17b2d527150c20a9d813daba90b9607ef8812b4de5ed5bc500026eae714d42194a1a0746108173667df481b0c90064c24243e4b63883a1d749a56 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f1bad9f52a3a8bcf407de68a9467544c |
| SHA1 | 41ae47eaaddf22e92074c9be27135e6744446a43 |
| SHA256 | 96a4239b9f0c7b4282902e0d57bdd8ea6240fc6d3220fc58f1ca90b17136ede2 |
| SHA512 | 4b4781bfdf421aaf6d3218faf3914ad1c362a658a954175d677e9bb28336f492b6b80960d710cb47207c2f87add36f32ad584f00eb4acec3bdfecd8c827188be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 6171fd0c86ca07fdc33afed81106aa19 |
| SHA1 | 925c7c44f6789c78cbbb162bb98522a27dc76b86 |
| SHA256 | bb104a05884ecb9f1efa7bd22bf786e288889bc0b0ed62f5611b0a1bf79d6c21 |
| SHA512 | 656deb2e2e98f287116a045b0ec0844ce4e1be599807b00f057e92505197ee205f89cb023ddef8a2f844db9d56b67c6fadb3fd955fd692bc8ea2fcbc919636dc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 64b56de5bf8e98793c92b5957eac66ba |
| SHA1 | e42f2026d12fd732410ca98512398a4e117b458a |
| SHA256 | 475d7e52633b39f9339522d52fd8a65a97ac1d40011cfe3af4ea8c2cddcd0a75 |
| SHA512 | b2c1162a2990110ab66a3d73f61fb3f12a42113e66007d64763141b349d854212c8e04fcbfebc745b23d8944df63944d5e8bc37857fa9f3b9071d5a1a2ee0ae7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c0921b4b393f2e2ba36e3060f72531c4 |
| SHA1 | 737fb772f6464e576ea6329c6e5f670dd457f9ef |
| SHA256 | e5405570bf1e59be4e9ea800aa0e29517f53a160b0f45d743ad60d40b2fa0112 |
| SHA512 | c6e1a0c8237cb32ba1017aadf63d9851fc8130090c03b12a1c7565b3bd08b0bccccdd973d488f2bc337a18fcda333a6b0b3b45d22e7e0abeb4165155376f19e6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c79576e4f315b79e4cad7147d8bda0c0 |
| SHA1 | 6ec61bc27dd9e98962a5c844e871be5c76e6bcca |
| SHA256 | 6f6ba73694e17bc0d6223fe0441415faed32bde5e580d91dc96d9a8ade6ab4e0 |
| SHA512 | f8751337247cdb9100659f24bed949190a6b3014c69e9909a8c47449979e3a2a97a93439be1d7148a44db65e33fd4c97e5440dfe729c0e566b0df883791c07e4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 4b69c99d2144c6f5b60151728e55f542 |
| SHA1 | e5d3314d8135d3148e56c337b767d07fd0bcf43c |
| SHA256 | bab30f214f3da94317f10dd5bc0b9f471ac78efa94adcc3f25fff91a345ebf2a |
| SHA512 | ee98cd7c07d1ddff8483fbe36b0c856a83a41e6bbe2268b04513cc3b5039f05e1bca5ec4d14dbedef21e623d542f5ae035d2da615bba31e0ad65c85d20a961a3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 00b217e082ca70b8b658bd12372c198d |
| SHA1 | 975680c47d45be5a39eb8e95b34aee196c982666 |
| SHA256 | 5e7759caa10bb2d122ec747a63b3fd270b469fab0dcc197c6a26046be680efd5 |
| SHA512 | 6a04e9a93d5039b830e9d462ecfba3997c0a280afbff77d97f02662560a577c53b96bfa08917d87b3932731c0453b38216834535aea0f3f922371371cec266fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | fd17172ea0bed9313da9369ba37b999c |
| SHA1 | 39c655d5159cb0ac87088d7cbc5d25021fd14f5d |
| SHA256 | b950825a187d109f6196c951589e3acfa373a52be469581d13fe9ffe48336c1c |
| SHA512 | 701b2117691557c8c4365273fa3b3d08844b8ff9bd4a178bb60e8fba771ea1803325c842eed677da1380b953d95b25d946b6a45b3206a94b4aa5caca1575b6ca |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f9beae714d4d86e14e7598c1e52b26c4 |
| SHA1 | b5da6a2fb0c2498cafdedd949b74a0f31bc6a50c |
| SHA256 | 94f75132b11f98de1960ab62254ae2b0381f981ba477f2baca5f7a1126140874 |
| SHA512 | b3c6039d5337719b12f9e61392215972dcd5383956ef3c65493c808872aef64d0d2cd5d1fc83d386d393a782d366bdb991d3fcc4cc1d1eb0f6d9055e273d45e1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 8266ab5c19cfa429e4d57b39afb5a7eb |
| SHA1 | db230487d3647abc7fdf45e2f1cdd08a3657b76a |
| SHA256 | c2deb31c81986d16f44855fd7a1a9d0aa99fd9c956d6ba9704282793827d1b9b |
| SHA512 | a4a57fc803263a2312a145b8ed1c45f04dec28970b6cdad67946e607b6961e3103f6026b32fd764dcdebe2cf2531d35fa963f28f53f54390838ed26962b51b45 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8eb6e953ff051a47f8237e1e6d194afa |
| SHA1 | 364e4faf1ad1c9712584e054708ca327570f8ab5 |
| SHA256 | 788245989387324c4e5534a27b81021a0eabc7af28712536b141c213cb69023f |
| SHA512 | cdd2d4808b710c2833081b1fb5cbf9e0a0edd2fd7bf8ab3c45ceb0040e91fd22787f8b6b667438be31946d701896b4620b3a0aee7a8750096db139025d2d9786 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
| MD5 | e0d5eb19cddcf0d74e4266106740355f |
| SHA1 | f13f424217eaf066e469c77a30ce7c0d7aa2a5b3 |
| SHA256 | a75780be873f94cdcb2649377c1732d82528ec81881edcd7547947b32ca3fb2e |
| SHA512 | 18751cd74e384c783bd000847cf5bc2e4fad2d22f0caf6c7f30ddbcf9cbd2f3a41b4c0949dd96ac0ed0f9ef26961240af7651fb78c9f4f5178b54bd48ac97cc7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
| MD5 | 2e617875dd9be9b8c2d3d00de6dd161b |
| SHA1 | e41128302fed11a3f10e8b2460b70c7afb1bcfa9 |
| SHA256 | f8113a85e490eeec08808063f4bd1afad8111c26ce15b7e21468421f06561e85 |
| SHA512 | 2bce33ff98f8e03e06652214e44a9e111f86640cee7b91ef865b5b1777c02a38d116944d1b3dbf57f447c7f393b13c18b0f9d8873e7a9babe587dd4c3f5e2639 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | b29bcf9cd0e55f93000b4bb265a9810b |
| SHA1 | e662b8c98bd5eced29495dbe2a8f1930e3f714b8 |
| SHA256 | f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4 |
| SHA512 | e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 2249e17e94ade96a32704ddc0afe9261 |
| SHA1 | 3f150a3c75a21cd2de1b13c91de7f1d645a11735 |
| SHA256 | 63c7c2c217251511e203d343e79009ed0896903507eb1dfbbb9615285956d04f |
| SHA512 | 0fd2e54333f7deaa073eb1a5282cd7b7c1d353a417104870833310bec023aaac2a76c9bd5d4c740e7332c18fdc3fcdce5698579663b8ac0f609223f2e1f9d450 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d5eaa8282026b9225519c8e13cea39ef |
| SHA1 | b1121616e5a8f95043476ad3e778c5af870f9e20 |
| SHA256 | 306354885dca3d521099c15ec5af5d36c8b20d632bbc09de92b4dda2c36d87d1 |
| SHA512 | 89e6043a0c137fc9e24718677be360cfacf6b3a171c00f19cf2422b0728744889b82bbb6ac0b430e3397097d9cc6e7f9e51f73cfc575d3a1031a68af01ef3735 |
C:\Users\Admin\AppData\Local\Temp\IXP000.TMP\AGTEULA.TXT
| MD5 | 7070b77ed401307d2e9a0f8eaaaa543b |
| SHA1 | 975d161ded55a339f6d0156647806d817069124d |
| SHA256 | 225d227abbd45bf54d01dfc9fa6e54208bf5ae452a32cc75b15d86456a669712 |
| SHA512 | 1c2257c9f99cf7f794b30c87ed42e84a23418a74bd86d12795b5175439706417200b0e09e8214c6670ecd22bcbe615fcaa23a218f4ca822f3715116324ad8552 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d52b6cff8a7fe64083d648cca51ff8f9 |
| SHA1 | 5020995e6d5e4ad9a040811e24962f3c326213cd |
| SHA256 | 958128cc73a326c66177f9208a89c2c071c3a3d1616a7a6f4b5722f34ea16840 |
| SHA512 | f5c9237b540f86bd8def3a2dd293297332eae103b7e6bd74aa79ec0bbfefc61c892aad68bb8a1f877eab6bd17a91e46b13b25403b366233ec1d0c66499ef0e40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 562c193a8cdcb1ccbc485c340fc9844d |
| SHA1 | 68b6018fa65ef1497d47202539435865608be120 |
| SHA256 | f9c0b0e54641f9b603023247b440ee5824086ba845b5666272ad7410c72a4590 |
| SHA512 | 0faf8dba4538c642a4826f213c5eb255116c8ec1a8c55ade4b727abd349db589818889301d2b250cdcaea754c2c403c621f11962c58d7e7dc7b5bd64f10af86f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d964377d1e7233c8df1ee9d5b220d617 |
| SHA1 | 598020e03b3cba2c59ad8743c3cbe1ca0ca1dda7 |
| SHA256 | b68e30ac92e4b5b510b7c95518ddd60a44aacc93e5db2332a4980e6f0ba52d79 |
| SHA512 | 9e1a102e7d692c9e738476ec14e4caa4e06f88438f83b3995560109dcbf60b18899d777823c77395c486297932c481fe1ca4109a49e1c0d7d691751b671c47bb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 4df4574bfbb7e0b0bc56c2c9b12b6c47 |
| SHA1 | 81efcbd3e3da8221444a21f45305af6fa4b71907 |
| SHA256 | e1b77550222c2451772c958e44026abe518a2c8766862f331765788ddd196377 |
| SHA512 | 78b14f60f2d80400fe50360cf303a961685396b7697775d078825a29b717081442d357c2039ad0984d4b622976b0314ede8f478cde320daec118da546cb0682a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | a726b52ad77997bca1e3243f90afb109 |
| SHA1 | 9b3608122242ba7f18901f45a19865f116b771db |
| SHA256 | 56d23ff820d3dfd87bd7a091f381fe1c78a7d30ecae3f94c308bb5923c4d55d8 |
| SHA512 | 9f2e1379f86940e53af3fc64ef4e1aa350b00afa6ae6c497d12f3d29c83cd754c92c642e40093b4cd07dafd06def8475b5c3f5cd3227cdb0a5e9124244e7fcb5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3704939cdd36ab32190dacf300bac16f |
| SHA1 | cb9e3eb40a23ae71ae33b13dd0135c5e8827f9c8 |
| SHA256 | 9742a8bb4f60169aba10928687b28a00ab02f5e2deeb4976b37c341963e17b5b |
| SHA512 | 140b26a36eb8a13022b4488ee7297179d2326db13bbe45aa247758ffc2e49ab217987fb571d2419840c2c5d7a1ab4397a439211f9cba778d417733a008ca34a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | fb2e7ca07b28e241a96b5e0a4dfeae41 |
| SHA1 | 3f85a6a1b6eb52e33ef743f398c9acb77c570b11 |
| SHA256 | 15ae2f63a97af3fd941b5fcc9b207597ae7785b13c73334f321af5dc540367f2 |
| SHA512 | 5897d5a668e9943052a3867074fbfa8e499397f2d13994988105c5d7599823ab72120f4342fa380667b75c9fb373d1829f504cff3b27a0a15989b536ddfee566 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 805449282574b992a7202f5219d70478 |
| SHA1 | 7c3ec1b31f29dc99bdcdf248f51f132330cebf8f |
| SHA256 | d36c0d8acbdfe0f4039ef3b2969eba36af800224f3f50bd6a77102a33af3df3e |
| SHA512 | d89f58f3dbed03ab7277e62b7d57c4141870ace286b1fd0cfce161f588a3ec4eab671ed9a772f0c8eb8297f67152f73c2d50b244996f7f42329f7b05132182d1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | d48e41a2f4075c2b5711f1233595bf28 |
| SHA1 | 414d00e3a688c930c675ef51679a26305e46ef50 |
| SHA256 | cbc0495ca8e0f9638856c6a0dace054fc9f9ba91b185520b6a0868f3e29fa05c |
| SHA512 | 4306de9ca524fd18376be6f7c285805b72976a48a1972467572131863f4d14b59a1133f9ca30ee643166d9371638d86ffbf0ad26054d097ed75486ce6ed5eeaa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
| MD5 | 7ccaccca18779127ded87bebe19b976d |
| SHA1 | 9ec035901f870c2aeac0a9c95336fc07f028f2a1 |
| SHA256 | 25d277b7bafee5e6872087339e62931ac2360d1da91937454e5e2e3776da1dc9 |
| SHA512 | 5c6d259782ba422b920f7cae2f9376eadf65a47a1a58612d8c89db66126ff502e1c54502e503475dd8dfe5e3eb891f419160680c0fdd7b5fc7ad0ae0002dec10 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 4ea1ccacc2f87beb2be617ee3d7e330c |
| SHA1 | abe20aa3ab4fdfcc90f4fdd5ed344a08b76f7d25 |
| SHA256 | 95046f5fdbab76abf29ecf1f0f1224907f89b2bbcb45a3456590adb89996ea98 |
| SHA512 | 984b7cad7e8d0f5664bb609fecc4e22a14faaeabcd7e79dde485586fe34d3612920ce28013326d3e35e8ef4f8d985ed32c86dbdad247dee437821d1937d6f802 |
C:\Users\Admin\AppData\Local\Temp\KillAgent.bat
| MD5 | ea7df060b402326b4305241f21f39736 |
| SHA1 | 7d58fb4c58e0edb2ddceef4d21581ff9d512fdc2 |
| SHA256 | e4edc2cb6317ab19ee1a6327993e9332af35cfbebaff2ac7c3f71d43cfcbe793 |
| SHA512 | 3147615add5608d0dce7a8b6efbfb19263c51a2e495df72abb67c6db34f5995a27fde55b5af78bbd5a6468b4065942cad4a4d3cb28ab932aad9b0f835aafe4d0 |
C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe
| MD5 | 66996a076065ebdcdac85ff9637ceae0 |
| SHA1 | 4a25632b66a9d30239a1a77c7e7ba81bb3aee9ce |
| SHA256 | 16ca09ad70561f413376ad72550ae5664c89c6a76c85c872ffe2cb1e7f49e2aa |
| SHA512 | e42050e799cbee5aa4f60d4e2f42aae656ff98af0548308c8d7f0d681474a9da3ad7e89694670449cdfde30ebe2c47006fbdc57cfb6b357c82731aeebc50901c |
C:\Users\Admin\AppData\Local\Temp\INSTALLER.exe
| MD5 | 3f8f18c9c732151dcdd8e1d8fe655896 |
| SHA1 | 222cc49201aa06313d4d35a62c5d494af49d1a56 |
| SHA256 | 709936902951fb684d0a03a561fb7fd41c5e6f81ecd60d326809db66eb659331 |
| SHA512 | 398a83f030824011f102dbcf9b25d3ff7527c489df149e9acdb492602941409cf551d16f6f03c01bc6f63a2e94645ed1f36610bdaffc7891299a8d9f89c511f7 |
C:\Windows\Temp\OLD9EA4.tmp
| MD5 | f6cb9878bee0cc17e54510ab92d79286 |
| SHA1 | 1b71ef7f8f5aa4e05d049c42da2fcd28a68f6761 |
| SHA256 | b9b5c73ac5b705ec8c0ca807ab16ccb0ddeb986ee734fd6fff7b5d33a0c04412 |
| SHA512 | baa7c2b2d2bf1faeea3202fc2108c484c003034998beab07ee6102fc53b8efb1f19773ed45e57b6c118603d6874bb028b834eefb8e098577613d0947ca9855f2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 20b489ba2b89a3a833332bbca6a10822 |
| SHA1 | f2400211063cfb4932d043408993b5ecaf1208c6 |
| SHA256 | 33f871e453fe96e44b1b7e8667b4ca9bfd1ea4d607a3fd143b7368e82f488cbf |
| SHA512 | 2bb09b3de3cc16ac37a17a51efc07203a88e6a7dd14f1002e22869135bf314d075c5afacfa39e94a8a1d4eb2049c792d825d828658c0f51b267266ce24d862aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3c1eb78a47a31510883bdb5a042c9b20 |
| SHA1 | 4d213f00ceea6ec6d9cbdd1cfd6afab412031864 |
| SHA256 | 4d5b1274c7b341c2351bb076c26e2f56ba1df36c1240a60f8151cd6202bd82ae |
| SHA512 | 38a91b6d5e6c17e18197c61a849989c02cd232ffd69fe141831d3d2fcadaebf2d5c8f23ecb3f999a6bdc7ec8395e5668686bfe1ffd24643a7646fa3f05d463d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 589c49f8a8e18ec6998a7a30b4958ebc |
| SHA1 | cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e |
| SHA256 | 26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8 |
| SHA512 | e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 3a33edcc2bf06480af1a49145b3c3871 |
| SHA1 | 61e7c7437b51f6112783c9496b38e35a8417e896 |
| SHA256 | d57d2947016bdfda444fffac967a1dc57bbe1abc631ebce57edaeb4f8bddb050 |
| SHA512 | 143c622c9e8dde51e2e486b01ae0adfe5d0b2f2694f946547417720eaa65ca5fad09831cdce28fd4255491de3230ea28143f21cba8665ca78794e206e377da5c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a50cd7980e5b3a06f7da156244318e6b |
| SHA1 | 1412aa37a17f42af9518f9eee063694d04e7a293 |
| SHA256 | 91beb4598a58e91d7ed3884eda733388d6d39809f84585d53191b353e9f63a71 |
| SHA512 | 557d7bb4d5e430d32d0ce3a339296062ede6730b271d7a1e9583c62a4498a0c0ef065630f62eb3673ee890fd7db100a29b7440a97ec725f84d8bffaf0c35c5ec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | f8604b8c2c0a58f0da6dfdaf50af79fd |
| SHA1 | 3920d96a1658f4e49a41084d818c2c515b5525da |
| SHA256 | 38a9103dd479648375bb2d42f583993be77870558710a0cffed2f14575f15e1f |
| SHA512 | ee9fcd545466da928a752986fb3e1cf370f8466691fccd09d1eba3e88cab92496de280d54ef0e16cae9eaa28561aa5bfb75d14356076509b64175cf93541603f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | e7ed9c60135a22cd91bb3c8829326a6b |
| SHA1 | 6f7bf408994aac828e4b5d044b5994abb41533e1 |
| SHA256 | f150dbd89f0cab76107584dc9a44a57438d678ff40cef3c58e34f64022974fbe |
| SHA512 | 094ea00cfd314cafce6a432013223ee9b64d9339016ab059f12b547800adf0bcf26729cf396e9c7eece6c4eea356ba494a209916f97fafb8fbb4b8d0e67e11ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000030.log
| MD5 | 8fc80003c3434bc6f88750cd8f36ccc0 |
| SHA1 | cb2d1278fa216eb9b2cdf42311575f923b1449e5 |
| SHA256 | d88a7e011e65a25481d00147016904fe6d1efdb0184921823044d6fc69784996 |
| SHA512 | c9d585239c90ba66d9f4a1ca59083ca22f93e476060f119a59992b5d87e81b0fb256a135b3f954d4a1afe83537826c8497f1bde0e7132bdf32b93d9f18edd0cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 555e46953f7e22d58a1141aa4f8869aa |
| SHA1 | 64d22f56eced65dc3063d24dee2f44d3edf7c836 |
| SHA256 | 05c608ab4dde827027b38109963a469c6cd6b99949347b5683707509ff63f762 |
| SHA512 | ea512474c5c0930d226d24ab34163b0322c6e3ba9f3da77e83c2e15aba106ad695f4afbc17d3131c4ea47cbb93166794f8f8ec660e2127ddd7c97ccfffab9bc4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a091648fec99677f799f17d5485b256e |
| SHA1 | f9a579201f97e32958182b9f8f38e241e3b7fb9f |
| SHA256 | 35af728a907248cbf7451af6950c783ac3c848f17b79b625b63254a54033b06a |
| SHA512 | 5ecebff1bda1062ca9b2d83fa2cd7a8f9ba1058deeed39d2ed0d4054520c7575dfdebf4737dda3813961d3987290f77de677d9fbd4b1ab91c47027dbb88c8eda |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 16157ac6f955600074f84599f3ea6caa |
| SHA1 | 57788fd1affa1ddc61a6fe1a5294e0a7751d5e8e |
| SHA256 | 8071c375833ced6b1195a1c967b4c3deb2d8b05b1ec788e8dd278ccb2e5589c8 |
| SHA512 | a866bf97dcfdea0924a9f2842ac9ac9240275a44d48c091c4e2c51d31cb6bb8e5eaccfcc634317742a12fc818333a5f159e51c3566799b5ce3ff37b4dd6f03db |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 9679fa6bc1ebf8d1b78fe5fdf669de22 |
| SHA1 | 78a6ce5ac003b2c44e797ccfe41c26adf7e2f8c2 |
| SHA256 | ce7aade3b6263f2cc0fcfc0b8f75e4424f08a8f515fa67f663da33894fea3622 |
| SHA512 | 281164b14d8c9f326f56d03ac0621a7cef01785adf5d07b5504b6411e8039c5f562ff68ae66e001eab0ec1729bd440b547f98f536f38a130a84c7cddf56685e7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d1bc5b3a64d60e8d4745e511fc6f3b76 |
| SHA1 | 147b63780ca70367304be4bf3e4a57edf26c4f1e |
| SHA256 | 5ba45c3e92def030723ccc82a083311833f6c286edeebd75d77fb40ca3348893 |
| SHA512 | 97f47ec63180170c59f7a54d717ce16c7302d57f6f39f86fa5c817b6e42107680ddad6a91291f5dadb4542a8ee36e47ef3a84d7fafba032ee8bcd8365877368e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 1c4bd16337918267524f9354991ade85 |
| SHA1 | 5cc0351ddaceb10ebab27fd918fb14dd32f350fe |
| SHA256 | 4889ffd1c09bbca55c91378b2bb996096df433ba7005ba4067d692832a00dc65 |
| SHA512 | c0d59fcbc01090eaec9a167b295379371c5c63167ccacd9aa5886980f6e84977a439ae348207dbb015bf9cd6f0aae2e7e08ec4e1a67e6668982d1882411b894d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 695763176e9a90e87bb8cbc51d74002e |
| SHA1 | 50a2e18f979242b057f8d5b0eeab2e07d06e4b99 |
| SHA256 | 7fc12c3a86532ac9e5d54ff095afed7d1a35772067c7b47809d417c21bb9ae95 |
| SHA512 | 01c35389219245bb1afaa6ede6213987de119043d54ad4eb2bb9c42f8fe46465c9c586ad871330790d5834859083bd0b2b4d1280883041e281f1058bc192b489 |
memory/1728-16767-0x0000021140C80000-0x0000021140CAC000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 3218fe110a172eed0d4f7628d2390489 |
| SHA1 | e04f4c23b4ce494b8ac5fa1933929a304c9d8110 |
| SHA256 | 6c5c834797db44a1b3231b5527a969878b075babbcc6c8d92ecc9427dffc36ab |
| SHA512 | 2cf2e963520bb194675a3efa9dddafb3c209b13d86c2b554eb6690a7d5eee6a8d9c714db6caad047b13d470a0f7dec9034dc12f0480bbabd4c1c7cdca0c64dd5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c02b1ca798ba2979fac4bf3b362b57b7 |
| SHA1 | e3834d6ee50a8cf5bc09b284babdccdc7bb854c1 |
| SHA256 | a1491eea2ad6e4676641eb4f48950514dc7b35ab57c4bd38603ef537186174fc |
| SHA512 | 43b13a653e78bbb18b7c3b1190568730f3e8567c989bdf726b4b781fd50f8195224bf7add678b939f176317d71268a9f78dd31921b9072f3fa82afcd3a1fdcab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0
| MD5 | c0b9a43614ccaec145324a5bcdaffb38 |
| SHA1 | aa095ae101f26b45b5a87bbb600c299b447f94bf |
| SHA256 | 8a19e79fea28ab0ac754bfb498ac42b16e502fc001ea5bca6a3cd4e3605129bc |
| SHA512 | a39d7a55626e19c56313c2d631c3c410ea43b7481c2f9d9f5e286e556e093bc8a52bb26cd192998d89da463d8331595b54492805d85f15b4f558bc7389a7bf8f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 3ddae6be0d7ab702aeb654a883ba2045 |
| SHA1 | c907da9ce143e4e8cb12c65fb0a39a03a48119cb |
| SHA256 | 21f473c7889c8406fff68040fcad1be7cfdd382530816df36b4bab33c84c56e8 |
| SHA512 | a2fcaa80cd4071cc5fafee591271ddcc7b93c0c6476ccf88902dfe0bc8ddc1dcd07919d66e1d692811b66414112aa6e7e3e7887b07aab1f7940489db00c67c62 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Browser
| MD5 | a397e5983d4a1619e36143b4d804b870 |
| SHA1 | aa135a8cc2469cfd1ef2d7955f027d95be5dfbd4 |
| SHA256 | 9c70f766d3b84fc2bb298efa37cc9191f28bec336329cc11468cfadbc3b137f4 |
| SHA512 | 4159ea654152d2810c95648694dd71957c84ea825fcca87b36f7e3282a72b30ef741805c610c5fa847ca186e34bde9c289aaa7b6931c5b257f1d11255cd2a816 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 60e3f691077715586b918375dd23c6b0 |
| SHA1 | 476d3eab15649c40c6aebfb6ac2366db50283d1b |
| SHA256 | e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee |
| SHA512 | d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
| MD5 | aff827b32d28e975cd84bce71be86828 |
| SHA1 | 9bf48c4de95974df4761a9b9c08d111a254147ce |
| SHA256 | ceb05f726d6492e5f1c04f92c2a270f1635243ad199507c613fddd64c4f70145 |
| SHA512 | b1f9676287f05d61fffbdc5be319f9c1a1cdcd7151f50d58e9959c985ba860a964244d31fac01cf03c36f925b9bec9fe295848e1a0977dcacb748089e83fec40 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 9f28e3e7e2045b66b237412d318e7b2e |
| SHA1 | 68a77ff06fa5ff0ced4a90831a5df2525a7ab9ea |
| SHA256 | 24d396291a23f4d5cd1b36d612aab6ba0a377465e6c27550a91b4c83b8107438 |
| SHA512 | 465666022a1dd8d69008c84e70b554ece3f9ec18a60dfe6944613c12734abc95be67d58bd24b3c37dce34be2c26a42319b71546e688bbaaa4a3e71026cfdc3bc |
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\GX304FV6\www.bing[1].xml
| MD5 | 6ab4a4e2de4aa335fd0a95a0cac93617 |
| SHA1 | 4beafe8061bdfe07f19e69259b48c2def5b77eca |
| SHA256 | 74696b7d12b9ddbd97f8bd84d3e9bfa7c619bfcd4c5d02e2f9b37bafc3f7c857 |
| SHA512 | 7296d7e9ae4228a6205b0394af1ea76fa47d73bc52393d9cb92bc32c1bf3c99ddf9bea5ce0ab6059286233c61d9beb95e802c986064767794b22149740e5977e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c43a48ac6652e3ae5dccd1df1196aaee |
| SHA1 | 96dfa5fc9a5a8efbf18a48b8a9da2399b0036c20 |
| SHA256 | 826094703ab27d28c99fc1195838c6d0587f89ffa105b4e7afc2595d72616b33 |
| SHA512 | be1e0c93a131115b04f5a081b45c9df27648015488d51b1ae51b6ff71fa3d6c5388c1c96c88ab08f922d578c8d1bb50d67e98d32e2e6cb509b8fafeb6938a4f8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d73b34b2b4f24ff889bfff1ba3141ac7 |
| SHA1 | 529c7d18c16453bbc550b1e04eaccbfc79cd7f35 |
| SHA256 | 3a702bba22ea8c142486d75488b3a933186d01e1e32be21dc4c98c5204637dc4 |
| SHA512 | 6dc6692e068dc0add93f6ca04f2c18759afe2ebe61877fa5b08dcd6fcc4ffe82850688727b323f87a934529fda41ded9a8ed09c32347c4528de843725f468a44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | ab6ab31fbc80601ffb8ed2de18f4e3d3 |
| SHA1 | 983df2e897edf98f32988ea814e1b97adfc01a01 |
| SHA256 | eaab30ed3bde0318e208d83e6b0701b3ee9eb6b11da2d9fbab1552e8e4ce88f8 |
| SHA512 | 41b42e6ab664319d68d86ce94a6db73789b2e34cba9b0c02d55dfb0816af654b02284aa3bfd9ae4f1a10e920087615b750fb2c54e9b3f646f721afb9a0d1aea3 |