Analysis Overview
Threat Level: Likely malicious
The file https://a.directfiledl.com/getfile?id=39249595&s=803486CB was found to be: Likely malicious.
Malicious Activity Summary
Event Triggered Execution: Image File Execution Options Injection
Downloads MZ/PE file
Loads dropped DLL
Event Triggered Execution: Component Object Model Hijacking
Checks computer location settings
Executes dropped EXE
Checks installed software on the system
Legitimate hosting services abused for malware hosting/C2
Checks whether UAC is enabled
Drops desktop.ini file(s)
Suspicious use of NtSetInformationThreadHideFromDebugger
Checks system information in the registry
Suspicious use of NtCreateThreadExHideFromDebugger
Detected potential entity reuse from brand microsoft.
Drops file in Program Files directory
System Network Configuration Discovery: Internet Connection Discovery
Browser Information Discovery
System Location Discovery: System Language Discovery
Program crash
Enumerates physical storage devices
Suspicious use of FindShellTrayWindow
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Modifies Internet Explorer settings
Suspicious use of UnmapMainImage
Checks processor information in registry
Suspicious use of WriteProcessMemory
NTFS ADS
Modifies registry class
Enumerates system info in registry
Suspicious use of SetWindowsHookEx
Modifies data under HKEY_USERS
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-11 16:52
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-11 16:52
Reported
2024-08-11 17:03
Platform
win10v2004-20240802-en
Max time kernel
656s
Max time network
659s
Command Line
Signatures
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU9730.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU9730.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU6100.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU6100.tmp\MicrosoftEdgeUpdate.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Control Panel\International\Geo\Nation | C:\Program Files (x86)\Microsoft\Temp\EU9730.tmp\MicrosoftEdgeUpdate.exe | N/A |
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Drops desktop.ini file(s)
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Videos\Captures\desktop.ini | C:\Windows\system32\svchost.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU9730.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU9730.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU6100.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU6100.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Detected potential entity reuse from brand microsoft.
Suspicious use of NtCreateThreadExHideFromDebugger
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\GameSettings\RoundArrowButton.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\TerrainTools\mt_flatten.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\TopBar\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\StudioToolbox\AssetPreview\OffSale.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\StudioToolbox\AudioPreview\play_hover.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\TerrainTools\icon_tick.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\LegacyRbxGui\PlankSide.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\VoiceChat\MicLight\Error.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\VoiceChat\MicLight\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaApp\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.98\mojo_core.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0C238D05-57DC-4EAF-AD58-EB96CFFD1848}\EDGEMITMP_72D81.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\MenuBar\icon_leaderboard.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\Settings\Players\BlockIcon.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\TopBar\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.98\msedge.dll.sig | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0C238D05-57DC-4EAF-AD58-EB96CFFD1848}\EDGEMITMP_72D81.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.98\mip_protection_sdk.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0C238D05-57DC-4EAF-AD58-EB96CFFD1848}\EDGEMITMP_72D81.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\127.0.2651.98\Locales\lv.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0C238D05-57DC-4EAF-AD58-EB96CFFD1848}\EDGEMITMP_72D81.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\fonts\ComicNeue-Angular-Bold.ttf | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaApp\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaChat\graphic\gr-indicator-instudio.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.98\Locales\pa.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0C238D05-57DC-4EAF-AD58-EB96CFFD1848}\EDGEMITMP_72D81.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\AssetImport\btn_dark_showworkspace_28x28.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\StudioToolbox\AssetConfig\editlisting.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\VR\toggle2D.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ViewSelector\left_zh_cn.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\models\LayeredClothingEditor\MeshPartHeadTemplate.rbxm | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\fonts\families\FredokaOne.json | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\StudioToolbox\AudioPreview\pause.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\MenuBar\arrow_right.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaChat\9-slice\error-toast.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaChat\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU6100.tmp\MicrosoftEdgeUpdateOnDemand.exe | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{47D4A6AA-FF64-409B-A1F2-2AA743173807}\MicrosoftEdgeUpdateSetup_X86_1.3.195.15.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\127.0.2651.98\Trust Protection Lists\Sigma\Social | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0C238D05-57DC-4EAF-AD58-EB96CFFD1848}\EDGEMITMP_72D81.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\configs\DateTimeLocaleConfigs\en-ca.json | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\9SliceEditor\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\AnimationEditor\btn_delete.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\Controls\DesignSystem\Thumbstick2Horizontal.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaChat\graphic\gr-game-border-60x60.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\Emotes\Editor\TenFoot\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\VoiceChat\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU6100.tmp\msedgeupdateres_ko.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{47D4A6AA-FF64-409B-A1F2-2AA743173807}\MicrosoftEdgeUpdateSetup_X86_1.3.195.15.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\fonts\AmaticSC-Bold.ttf | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ManageCollaborators\closeWidget_dark.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\StudioToolbox\Voting\thumb-down.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\Controls\DefaultController\Thumbstick2.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU6100.tmp\MicrosoftEdgeComRegisterShellARM64.exe | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{47D4A6AA-FF64-409B-A1F2-2AA743173807}\MicrosoftEdgeUpdateSetup_X86_1.3.195.15.exe | N/A |
| File opened for modification | C:\Program Files\Google\Chrome\Application\debug.log | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\models\LivePackages\.placeholder | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\RoactStudioWidgets\slider_handle_dark.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\Controls\DesignSystem\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaApp\icons\ic-add.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaChat\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\AlignTool\Max.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\DeveloperFramework\Votes\rating_up_gray.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaApp\ExternalSite\discord.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaApp\graphic\gr-bloom-circle.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaChat\9-slice\chat-bubble-tip-right.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\particles\explosion01_smoke_color_new.dds | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\VoiceChat\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaChat\graphic\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.98\Locales\gd.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0C238D05-57DC-4EAF-AD58-EB96CFFD1848}\EDGEMITMP_72D81.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.98\Locales\pt-PT.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0C238D05-57DC-4EAF-AD58-EB96CFFD1848}\EDGEMITMP_72D81.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\avatar\scripts\R15Moods.rbxm | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\TerrainTools\mtrl_pavement.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\Delta V3.61\Delta V3.61\Delta.exe |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\Downloads\Delta V3.61\Delta V3.61\Delta.exe |
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\Temp\EU6100.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\Delta V3.61\Delta V3.61\Delta.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\Temp\EU9730.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{47D4A6AA-FF64-409B-A1F2-2AA743173807}\MicrosoftEdgeUpdateSetup_X86_1.3.195.15.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
System Network Configuration Discovery: Internet Connection Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Windows\system32\svchost.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\svchost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Software\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\SOFTWARE\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Software\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Software\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-4182098368-2521458979-3782681353-1000\Software\Microsoft\Internet Explorer\GPU | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133678688033393545" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\AppID = "{A6B716CB-028B-404D-B72C-50E153DD68DA}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ = "IAppVersion" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.Update3WebSvc" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\ = "IGoogleUpdate3Web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\Elevation\Enabled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\PROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0E8770A1-043A-4818-BB5C-41862B93EEFF}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\ProgID\ = "MicrosoftEdgeUpdate.Update3WebMachineFallback.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods\ = "41" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\ = "Microsoft Edge Update CredentialDialog" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3COMClassService\CLSID\ = "{CECDDD22-2E72-4832-9606-A9B0E5E344B2}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods\ = "10" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\ELEVATION | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\MicrosoftEdgeUpdateOnDemand.exe\"" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ = "IApp2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497}\NumMethods\ = "26" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.CredentialDialogMachine.1.0\ = "Microsoft Edge Update CredentialDialog" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ = "IBrowserHttpRequest2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{EA92A799-267E-4DF5-A6ED-6A7E0684BB8A}\PROGID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ = "IPolicyStatus3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ = "IRegistrationUpdateHook" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{375D3B39-152A-41E1-BF1B-B648933F26D0}\InprocHandler32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ = "IJobObserver" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\ProxyStubClsid32\ = "{0E8770A1-043A-4818-BB5C-41862B93EEFF}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{2E1DD7EF-C12D-4F8E-8AD8-CF8CC265BAD0}\Elevation\Enabled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ = "IPackage" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ = "IProcessLauncher2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\NumMethods\ = "41" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 511362.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe | N/A |
Suspicious use of UnmapMainImage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://a.directfiledl.com/getfile?id=39249595&s=803486CB
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc603146f8,0x7ffc60314708,0x7ffc60314718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2128,17988138858428497864,4075351994078995401,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1824 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2128,17988138858428497864,4075351994078995401,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2532 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2128,17988138858428497864,4075351994078995401,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2660 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17988138858428497864,4075351994078995401,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17988138858428497864,4075351994078995401,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17988138858428497864,4075351994078995401,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4556 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,17988138858428497864,4075351994078995401,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5408 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2128,17988138858428497864,4075351994078995401,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5408 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17988138858428497864,4075351994078995401,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17988138858428497864,4075351994078995401,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17988138858428497864,4075351994078995401,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17988138858428497864,4075351994078995401,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5208 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2128,17988138858428497864,4075351994078995401,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5844 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17988138858428497864,4075351994078995401,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5888 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2128,17988138858428497864,4075351994078995401,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5956 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2128,17988138858428497864,4075351994078995401,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\Delta V3.61\Delta V3.61\Delta.exe
"C:\Users\Admin\Downloads\Delta V3.61\Delta V3.61\Delta.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discord.gg/4TfpR6wUUu
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffc603146f8,0x7ffc60314708,0x7ffc60314718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2000,18429200611686295601,6780664765394465721,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2020 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2000,18429200611686295601,6780664765394465721,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2000,18429200611686295601,6780664765394465721,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2700 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,18429200611686295601,6780664765394465721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3444 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,18429200611686295601,6780664765394465721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3452 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2000,18429200611686295601,6780664765394465721,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5076 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffc507dcc40,0x7ffc507dcc4c,0x7ffc507dcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1888,i,4980693180475438403,14761829620804712209,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1900 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2076,i,4980693180475438403,14761829620804712209,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2124 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2268,i,4980693180475438403,14761829620804712209,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2488 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3156,i,4980693180475438403,14761829620804712209,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3176 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3196,i,4980693180475438403,14761829620804712209,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3432 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4536,i,4980693180475438403,14761829620804712209,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4540 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4800,i,4980693180475438403,14761829620804712209,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4848 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5016,i,4980693180475438403,14761829620804712209,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4392 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4692,i,4980693180475438403,14761829620804712209,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc603146f8,0x7ffc60314708,0x7ffc60314718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3008 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3456 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5504 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5504 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5564 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3552 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5316 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4524 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=6272 /prefetch:8
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6844 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=3676 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6040 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1940 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5228 /prefetch:8
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7032 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
MicrosoftEdgeWebview2Setup.exe /silent /install
C:\Program Files (x86)\Microsoft\Temp\EU9730.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU9730.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7REFGODI0QjUtRjA3Qy00MjdBLTg1NzctQzQ2NUE2MDdGNkU1fSIgdXNlcmlkPSJ7QkJDMkM2MzgtOUM1OS00RDRDLTkxOUMtQTNFNEU5QzI1RTNGfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins1N0Y1NDYyMC00NjA1LTQxOTYtQkQ0MC0xMzIxMUM5ODYwMjB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE5NS4xNSIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY3NDI0MTM0MDUiIGluc3RhbGxfdGltZV9tcz0iNTI4Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{DAF824B5-F07C-427A-8577-C465A607F6E5}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7REFGODI0QjUtRjA3Qy00MjdBLTg1NzctQzQ2NUE2MDdGNkU1fSIgdXNlcmlkPSJ7QkJDMkM2MzgtOUM1OS00RDRDLTkxOUMtQTNFNEU5QzI1RTNGfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins4QzIzREU2Qy00MUVFLTQ1MDctQjIzOS04Njk5NUE2MjREMjZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTIzLjAuNjMxMi4xMjMiIG5leHR2ZXJzaW9uPSIxMjMuMC42MzEyLjEyMyIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY3NDY2NTM0MTMiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5532 /prefetch:2
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0C238D05-57DC-4EAF-AD58-EB96CFFD1848}\MicrosoftEdge_X64_127.0.2651.98.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0C238D05-57DC-4EAF-AD58-EB96CFFD1848}\MicrosoftEdge_X64_127.0.2651.98.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0C238D05-57DC-4EAF-AD58-EB96CFFD1848}\EDGEMITMP_72D81.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0C238D05-57DC-4EAF-AD58-EB96CFFD1848}\EDGEMITMP_72D81.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0C238D05-57DC-4EAF-AD58-EB96CFFD1848}\MicrosoftEdge_X64_127.0.2651.98.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0C238D05-57DC-4EAF-AD58-EB96CFFD1848}\EDGEMITMP_72D81.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0C238D05-57DC-4EAF-AD58-EB96CFFD1848}\EDGEMITMP_72D81.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=127.0.6533.100 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0C238D05-57DC-4EAF-AD58-EB96CFFD1848}\EDGEMITMP_72D81.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=127.0.2651.98 --initial-client-data=0x22c,0x230,0x234,0x208,0x238,0x7ff68356b7d0,0x7ff68356b7dc,0x7ff68356b7e8
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7REFGODI0QjUtRjA3Qy00MjdBLTg1NzctQzQ2NUE2MDdGNkU1fSIgdXNlcmlkPSJ7QkJDMkM2MzgtOUM1OS00RDRDLTkxOUMtQTNFNEU5QzI1RTNGfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntBRkMzRUQ2Mi1EMUNGLTQzRkEtQjkyNy00RUU0RThBQjQ1MjJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI3LjAuMjY1MS45OCIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjc2MzA0MzQ3MyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY3NjMxMDMzOTMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2OTkxNDczNTA4IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy81MjlhNDFjZC01YzBjLTRjZDAtODA2MS1iNzFmZWFhOGEzMzY_UDE9MTcyNDAwMDE0NSZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1mNjlCM3ZNZWpHMlltOGxQMG1HcDQ5WjEzS2QlMmZFRnNNdTlndSUyZk9Zd0d3RWxINUg4YyUyYmtFVCUyYlBPJTJieUdXek1IRko3UmRnd1hwTWc1V0VxQlU5WlN3S3clM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzI2MDY0MDgiIHRvdGFsPSIxNzI2MDY0MDgiIGRvd25sb2FkX3RpbWVfbXM9IjE2NjI1Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjk5MTYwMzM4NiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjcwMDQ3NDM0MTAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc0NDEzNTM0NTUiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIxMTYyIiBkb3dubG9hZF90aW1lX21zPSIyMjg0NiIgZG93bmxvYWRlZD0iMTcyNjA2NDA4IiB0b3RhbD0iMTcyNjA2NDA4IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI0MzY1OSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe" -app -isInstallerLaunch -clientLaunchTimeEpochMs 0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3636 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:5lgPSZq_q3HI43M6Yq1pzr53heomwcazMeAKPdrLdTTusHqB_jLKskm2C2ECYKV5BZ9eeIsjcwI661G65_03C1JK1cwsJiBYa5W5NE1Fy1H9JpG3vc2uNZipRSqRehVdvqKdnrRhup6JlZIjJAr0hP3oAmqxmvevHLm98PMas7NGtIg6-Fqqgmo6AeVBTsjtrftuaGhPlnJVtEFEGEP-lHo44FYZCWL7Ba2uUTuQ8fA+launchtime:1723395306578+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1723395244664004%26placeId%3D6403373529%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dc1236e78-9494-4561-ba24-6c0553809572%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1723395244664004+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1
C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:lhshdydA4aWfsI-CST5QkQyu5A41seHCbKuGN_pQ4j4VkR4-9pRTTqwR9WibaM3XqN5Ib6-3trElRpyfm1nP7YQOUNG5DdHvgNjPrxrvncDXgiHl9Bhn9yWcMghkJUrylrTqOJtLpC4NMbkV3fgW3lwXyRUDDX0t5bUNtoV7X1C2WoRipNxD6HCQagwh9NAZn10g7sqOUKcvFC8NDlNJV86mGRi6DPGdrQ5jMyuUnps+launchtime:1723395306578+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1723395244664004%26placeId%3D6403373529%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3Dc1236e78-9494-4561-ba24-6c0553809572%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1723395244664004+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp
C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe"
C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe"
C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe"
C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe"
C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe"
C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe"
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultdbbf3f50h7eafh4941h9fedhc4c6d79577d5
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc603146f8,0x7ffc60314708,0x7ffc60314718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2216,645622803883698034,7066618725529112308,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2224 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2216,645622803883698034,7066618725529112308,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 /prefetch:3
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc507dcc40,0x7ffc507dcc4c,0x7ffc507dcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1840,i,17003258646944721986,3572046457445201491,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=1836 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2168,i,17003258646944721986,3572046457445201491,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=2192 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2248,i,17003258646944721986,3572046457445201491,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=2268 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3108,i,17003258646944721986,3572046457445201491,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=3120 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3340,i,17003258646944721986,3572046457445201491,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=3360 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4496,i,17003258646944721986,3572046457445201491,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=4516 /prefetch:1
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault94f4dba9h1724h48bdh9581h9cca17f0ddc9
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc603146f8,0x7ffc60314708,0x7ffc60314718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,3812245888461907955,18441513833487480413,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,3812245888461907955,18441513833487480413,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:3
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault2575d6b7h6d8ch494aha67fhbc3b83946ff0
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc603146f8,0x7ffc60314708,0x7ffc60314718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2112,3666590890684832815,9941758411617602774,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2120 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,3666590890684832815,9941758411617602774,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 /prefetch:3
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k DevicesFlow -s DevicesFlowUserSvc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultb960a297h4427h419ehab70hf9c29d6a7f2f
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc603146f8,0x7ffc60314708,0x7ffc60314718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2120,390310760845397743,4242789851212873753,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2128 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2120,390310760845397743,4242789851212873753,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2180 /prefetch:3
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc603146f8,0x7ffc60314708,0x7ffc60314718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3660 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6084 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6968 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,13743219349917030118,15911624757057204172,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6176 /prefetch:1
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 496 -p 5284 -ip 5284
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5284 -s 2316
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 556 -p 5284 -ip 5284
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 5284 -s 2316
C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc603146f8,0x7ffc60314708,0x7ffc60314718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2240 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 /prefetch:3
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3068 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3600 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3608 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4344 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5096 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5096 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3668 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5156 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3760 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5484 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4868 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5964 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6044 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5824 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5832 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5916 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6140 /prefetch:1
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x4f8 0x300
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4196 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4900 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{47D4A6AA-FF64-409B-A1F2-2AA743173807}\MicrosoftEdgeUpdateSetup_X86_1.3.195.15.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{47D4A6AA-FF64-409B-A1F2-2AA743173807}\MicrosoftEdgeUpdateSetup_X86_1.3.195.15.exe" /update /sessionid "{79B8321E-21C7-48D7-A671-93211BB161BC}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NzlCODMyMUUtMjFDNy00OEQ3LUE2NzEtOTMyMTFCQjE2MUJDfSIgdXNlcmlkPSJ7QkJDMkM2MzgtOUM1OS00RDRDLTkxOUMtQTNFNEU5QzI1RTNGfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins4ODMyREZFMy0wQjI3LTRCQUUtODlDQS03MDBCNDRCNThDOTV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xOTUuMTUiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iSXNPbkludGVydmFsQ29tbWFuZHNBbGxvd2VkPSU1QiUyMi10YXJnZXRfZGV2JTIyJTVEIiBpbnN0YWxsYWdlPSI4Ij48dXBkYXRlY2hlY2svPjxldmVudCBldmVudHR5cGU9IjEyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDEzMjM2MDI5NSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDEzMjYyMDQzOSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMCIgZXJyb3Jjb2RlPSItMjE0NzAyMzgzOCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTA1MTc5ODY1MTAiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImRvIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8zMjNmYTdmNy00NDQ1LTQxMzctODJlYy03MTUyODk0OTE4MmE_UDE9MTcyNDAwMDQ4MiZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1YRlV0RzlZJTJmVnI0ajNRUURDck9VJTJmallHSU9JOUtjUEJvdGN5RUp0ZWRCVVU2SFFBeGdqbDRoblV4JTJiY291eGRvVGNia3Z0Z2lNbUI5MWZjcTJVZ1RvQSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSIxIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNTE4MDA2ODI0IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy8zMjNmYTdmNy00NDQ1LTQxMzctODJlYy03MTUyODk0OTE4MmE_UDE9MTcyNDAwMDQ4MiZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1YRlV0RzlZJTJmVnI0ajNRUURDck9VJTJmallHSU9JOUtjUEJvdGN5RUp0ZWRCVVU2SFFBeGdqbDRoblV4JTJiY291eGRvVGNia3Z0Z2lNbUI5MWZjcTJVZ1RvQSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjE2NDUxMTIiIHRvdGFsPSIxNjQ1MTEyIiBkb3dubG9hZF90aW1lX21zPSIzODMxNyIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDUxODA1NjU3MCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDUyMzQ3NjU1NSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxwaW5nIHI9IjkiIHJkPSI2NDIzIiBwaW5nX2ZyZXNobmVzcz0iezcwQTFDOTZBLTk0RTUtNEYyMC1CNTdELTU5NDhBRTVERTY3MH0iLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTIuMC45MDIuNjciIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaW5zdGFsbGFnZT0iOCIgbGFzdF9sYXVuY2hfdGltZT0iMTMzNjc4NjkyNDM0MDM5OTYwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMSIgYT0iOSIgcj0iOSIgYWQ9IjY0MjMiIHJkPSI2NDIzIiBwaW5nX2ZyZXNobmVzcz0iezY5QjlCQ0Y3LTRCOEItNDFBMy1BODZGLUI4QjU4MTdGOTRBMX0iLz48L2FwcD48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iMTI3LjAuMjY1MS45OCIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiIGluc3RhbGxkYXRlPSI2NDI2Ij48dXBkYXRlY2hlY2svPjxwaW5nIHI9Ii0xIiByZD0iLTEiIHBpbmdfZnJlc2huZXNzPSJ7QjY1NjhGNEEtMzJGQS00MzM2LTgwQjctRTE3MTUxNzgxN0Y1fSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Microsoft\Temp\EU6100.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU6100.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{79B8321E-21C7-48D7-A671-93211BB161BC}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3056 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2200,7370051744347438826,15029123268125653752,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:1
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.15\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMTUiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NzlCODMyMUUtMjFDNy00OEQ3LUE2NzEtOTMyMTFCQjE2MUJDfSIgdXNlcmlkPSJ7QkJDMkM2MzgtOUM1OS00RDRDLTkxOUMtQTNFNEU5QzI1RTNGfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7RDQwQTBDNjctMDI5NS00ODI3LThBNEMtMzYxQzkyOEJGRDlBfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4xOTA0MS4xMjg4IiBzcD0iIiBhcmNoPSJ4NjQiIHByb2R1Y3RfdHlwZT0iNDgiIGlzX3dpcD0iMCIgaXNfaW5fbG9ja2Rvd25fbW9kZT0iMCIvPjxvZW0gcHJvZHVjdF9tYW51ZmFjdHVyZXI9IiIgcHJvZHVjdF9uYW1lPSIiLz48ZXhwIGV0YWc9IiZxdW90O3I0NTJ0MStrMlRncS9IWHpqdkZOQlJob3BCV1I5c2JqWHhxZVVESDl1WDA9JnF1b3Q7Ii8-PGFwcCBhcHBpZD0ie0YzQzRGRTAwLUVGRDUtNDAzQi05NTY5LTM5OEEyMEYxQkE0QX0iIHZlcnNpb249IjEuMy4xNzEuMzkiIG5leHR2ZXJzaW9uPSIxLjMuMTk1LjE1IiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iOCIgaW5zdGFsbGRhdGV0aW1lPSIxNzIyNjI2ODYyIj48ZXZlbnQgZXZlbnR0eXBlPSIzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDU0ODI5MjAyNiIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffc507dcc40,0x7ffc507dcc4c,0x7ffc507dcc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2020,i,7608058706649217005,4227143137430781718,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=2012 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1904,i,7608058706649217005,4227143137430781718,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=2056 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2304,i,7608058706649217005,4227143137430781718,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=2300 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3140,i,7608058706649217005,4227143137430781718,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=3160 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3184,i,7608058706649217005,4227143137430781718,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=3200 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3696,i,7608058706649217005,4227143137430781718,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=3688 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4572,i,7608058706649217005,4227143137430781718,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=4668 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3740,i,7608058706649217005,4227143137430781718,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=3316 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3448,i,7608058706649217005,4227143137430781718,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=3972 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --use-gl=angle --use-angle=swiftshader-webgl --field-trial-handle=2128,i,7608058706649217005,4227143137430781718,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=4400 /prefetch:2
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4904,i,7608058706649217005,4227143137430781718,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=4912 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --reenable-autoupdates --system-level
C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x268,0x26c,0x270,0x244,0x274,0x7ff6f9f44698,0x7ff6f9f446a4,0x7ff6f9f446b0
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=2228,i,7608058706649217005,4227143137430781718,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=3888 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=4668,i,7608058706649217005,4227143137430781718,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=3992 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3236,i,7608058706649217005,4227143137430781718,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=3288 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4136,i,7608058706649217005,4227143137430781718,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=3192 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=3340,i,7608058706649217005,4227143137430781718,262144 --variations-seed-version=20240809-130208.212000 --mojo-platform-channel-handle=3408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc603146f8,0x7ffc60314708,0x7ffc60314718
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | a.directfiledl.com | udp |
| DE | 167.235.218.62:443 | a.directfiledl.com | tcp |
| DE | 167.235.218.62:443 | a.directfiledl.com | tcp |
| DE | 167.235.218.62:443 | a.directfiledl.com | tcp |
| US | 8.8.8.8:53 | apps.identrust.com | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| GB | 95.101.129.43:80 | apps.identrust.com | tcp |
| US | 13.107.21.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 71.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 62.218.235.167.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 81.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.129.101.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| DE | 167.235.218.62:443 | a.directfiledl.com | tcp |
| DE | 167.235.218.62:443 | a.directfiledl.com | tcp |
| DE | 167.235.218.62:443 | a.directfiledl.com | tcp |
| US | 8.8.8.8:53 | 58.55.71.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | gitlab.com | udp |
| US | 172.65.251.78:443 | gitlab.com | tcp |
| US | 8.8.8.8:53 | 78.251.65.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | discord.gg | udp |
| US | 162.159.133.234:443 | discord.gg | tcp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 8.8.8.8:53 | 234.133.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.135.159.162.in-addr.arpa | udp |
| US | 162.159.135.232:443 | discord.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 131.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.39.251.142.in-addr.arpa | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 196.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| NL | 172.217.23.206:443 | clients2.google.com | udp |
| NL | 172.217.23.206:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | 206.23.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| NL | 142.251.36.10:443 | content-autofill.googleapis.com | tcp |
| NL | 142.251.36.10:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 3.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.36.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| GB | 95.101.129.208:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 208.129.101.95.in-addr.arpa | udp |
| GB | 95.101.129.208:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 95.101.129.146:443 | th.bing.com | tcp |
| GB | 95.101.129.208:443 | th.bing.com | tcp |
| GB | 95.101.129.208:443 | th.bing.com | tcp |
| GB | 95.101.129.146:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | 146.129.101.95.in-addr.arpa | udp |
| GB | 95.101.129.208:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.64:443 | login.microsoftonline.com | tcp |
| IE | 20.190.159.64:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | www.roblox.com | udp |
| US | 8.8.8.8:53 | 64.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | www.roblox.com | tcp |
| GB | 128.116.119.4:443 | www.roblox.com | tcp |
| US | 8.8.8.8:53 | css.rbxcdn.com | udp |
| US | 8.8.8.8:53 | static.rbxcdn.com | udp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| US | 8.8.8.8:53 | 4.119.116.128.in-addr.arpa | udp |
| GB | 2.16.170.58:443 | css.rbxcdn.com | tcp |
| GB | 2.16.170.58:443 | css.rbxcdn.com | tcp |
| GB | 2.16.170.58:443 | css.rbxcdn.com | tcp |
| GB | 2.16.170.58:443 | css.rbxcdn.com | tcp |
| GB | 2.16.170.58:443 | css.rbxcdn.com | tcp |
| GB | 2.16.170.58:443 | css.rbxcdn.com | tcp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| GB | 18.245.253.103:443 | js.rbxcdn.com | tcp |
| GB | 108.138.217.65:443 | static.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 58.170.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 103.253.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 65.217.138.108.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | www.roblox.com | udp |
| US | 8.8.8.8:53 | roblox.com | udp |
| US | 8.8.8.8:53 | roblox-api.arkoselabs.com | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| GB | 18.244.155.22:443 | roblox-api.arkoselabs.com | tcp |
| US | 8.8.8.8:53 | metrics.roblox.com | udp |
| US | 8.8.8.8:53 | apis.roblox.com | udp |
| GB | 18.244.155.22:443 | roblox-api.arkoselabs.com | udp |
| GB | 128.116.119.4:443 | apis.roblox.com | tcp |
| US | 8.8.8.8:53 | 107.39.156.108.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.155.244.18.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | apis.roblox.com | tcp |
| GB | 128.116.119.4:443 | apis.roblox.com | udp |
| US | 8.8.8.8:53 | apis.rbxcdn.com | udp |
| GB | 2.16.170.120:443 | apis.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | locale.roblox.com | udp |
| GB | 2.16.170.58:443 | css.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | images.rbxcdn.com | udp |
| GB | 216.137.44.44:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.44:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.44:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.44:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.44:443 | images.rbxcdn.com | tcp |
| GB | 216.137.44.44:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 120.170.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 44.44.137.216.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | auth.roblox.com | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.28.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assetgame.roblox.com | udp |
| US | 8.8.8.8:53 | realtime-signalr.roblox.com | udp |
| US | 8.8.8.8:53 | lms.roblox.com | udp |
| US | 8.8.8.8:53 | thumbnails.roblox.com | udp |
| GB | 128.116.119.8:443 | lms.roblox.com | tcp |
| US | 8.8.8.8:53 | contacts.roblox.com | udp |
| US | 8.8.8.8:53 | notifications.roblox.com | udp |
| US | 8.8.8.8:53 | accountsettings.roblox.com | udp |
| US | 8.8.8.8:53 | economy.roblox.com | udp |
| US | 8.8.8.8:53 | friends.roblox.com | udp |
| US | 8.8.8.8:53 | privatemessages.roblox.com | udp |
| US | 8.8.8.8:53 | trades.roblox.com | udp |
| US | 8.8.8.8:53 | fra4-128-116-44-3.roblox.com | udp |
| US | 8.8.8.8:53 | iad4-128-116-102-3.roblox.com | udp |
| US | 8.8.8.8:53 | nrt1-128-116-120-3.roblox.com | udp |
| US | 8.8.8.8:53 | fra2-128-116-123-3.roblox.com | udp |
| US | 8.8.8.8:53 | pulsar.roblox.com | udp |
| US | 8.8.8.8:53 | syd1-128-116-51-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-us-east-2b-lms.rbx.com | udp |
| US | 8.8.8.8:53 | dfw2-128-116-95-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-us-east-1c-lms.rbx.com | udp |
| US | 8.8.8.8:53 | aws-eu-central-1b-lms.rbx.com | udp |
| US | 128.116.95.3:443 | dfw2-128-116-95-3.roblox.com | tcp |
| US | 44.214.126.196:443 | aws-us-east-1c-lms.rbx.com | tcp |
| US | 8.8.8.8:53 | tr.rbxcdn.com | udp |
| GB | 92.123.143.232:443 | tr.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 8.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.126.214.44.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.143.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.95.116.128.in-addr.arpa | udp |
| US | 3.21.160.234:443 | aws-us-east-2b-lms.rbx.com | tcp |
| US | 128.116.121.3:443 | pulsar.roblox.com | tcp |
| DE | 52.28.156.24:443 | aws-eu-central-1b-lms.rbx.com | tcp |
| JP | 128.116.120.3:443 | nrt1-128-116-120-3.roblox.com | tcp |
| US | 128.116.102.3:443 | iad4-128-116-102-3.roblox.com | tcp |
| DE | 128.116.44.3:443 | fra4-128-116-44-3.roblox.com | tcp |
| DE | 128.116.123.3:443 | fra2-128-116-123-3.roblox.com | tcp |
| AU | 128.116.51.3:443 | syd1-128-116-51-3.roblox.com | tcp |
| JP | 128.116.120.3:443 | nrt1-128-116-120-3.roblox.com | tcp |
| AU | 128.116.51.3:443 | syd1-128-116-51-3.roblox.com | tcp |
| US | 128.116.121.3:443 | pulsar.roblox.com | tcp |
| US | 8.8.8.8:53 | 24.156.28.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.44.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.123.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.102.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.160.21.3.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.120.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.51.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | images.pling.com | udp |
| DE | 206.189.58.222:443 | images.pling.com | tcp |
| US | 8.8.8.8:53 | arzotravels.com | udp |
| DE | 85.13.128.115:443 | arzotravels.com | tcp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| NL | 142.250.179.182:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | img.freepik.com | udp |
| US | 8.8.8.8:53 | 222.58.189.206.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 115.128.13.85.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 182.179.250.142.in-addr.arpa | udp |
| GB | 92.123.143.217:443 | img.freepik.com | tcp |
| US | 8.8.8.8:53 | i.kym-cdn.com | udp |
| GB | 128.116.119.8:443 | lms.roblox.com | udp |
| GB | 87.248.205.1:443 | i.kym-cdn.com | tcp |
| US | 8.8.8.8:53 | cdn.wearedevs.net | udp |
| US | 104.26.7.147:443 | cdn.wearedevs.net | tcp |
| US | 8.8.8.8:53 | images.pexels.com | udp |
| US | 104.18.67.220:443 | images.pexels.com | tcp |
| US | 104.18.67.220:443 | images.pexels.com | tcp |
| US | 8.8.8.8:53 | cdn.discordapp.com | udp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.134.233:443 | cdn.discordapp.com | tcp |
| US | 8.8.8.8:53 | media-management-service.s3.amazonaws.com | udp |
| DE | 52.219.168.55:443 | media-management-service.s3.amazonaws.com | tcp |
| US | 8.8.8.8:53 | images4.alphacoders.com | udp |
| US | 104.20.75.132:443 | images4.alphacoders.com | tcp |
| US | 8.8.8.8:53 | www.wallpaperup.com | udp |
| CA | 142.44.139.57:443 | www.wallpaperup.com | tcp |
| US | 8.8.8.8:53 | images6.alphacoders.com | udp |
| US | 104.20.75.132:443 | images6.alphacoders.com | tcp |
| US | 8.8.8.8:53 | images3.alphacoders.com | udp |
| US | 104.20.75.132:443 | images3.alphacoders.com | tcp |
| US | 104.20.75.132:443 | images3.alphacoders.com | tcp |
| US | 8.8.8.8:53 | media.discordapp.net | udp |
| US | 162.159.128.232:443 | media.discordapp.net | tcp |
| US | 8.8.8.8:53 | assets.puzzlefactory.pl | udp |
| GB | 79.127.237.132:443 | assets.puzzlefactory.pl | tcp |
| US | 162.159.128.232:443 | media.discordapp.net | tcp |
| US | 8.8.8.8:53 | 217.143.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 147.7.26.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 220.67.18.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 233.134.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.168.219.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.75.20.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 57.139.44.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 232.128.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 132.237.127.79.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 1.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | presence.roblox.com | udp |
| GB | 128.116.119.8:443 | lms.roblox.com | udp |
| US | 8.8.8.8:53 | ams2-128-116-21-3.roblox.com | udp |
| US | 8.8.8.8:53 | gold.roblox.com | udp |
| US | 8.8.8.8:53 | mia4-128-116-45-3.roblox.com | udp |
| US | 8.8.8.8:53 | aws-us-west-2b-lms.rbx.com | udp |
| US | 8.8.8.8:53 | c0.rbxcdn.com | udp |
| US | 8.8.8.8:53 | lhr2-128-116-119-3.roblox.com | udp |
| GB | 128.116.119.3:443 | lhr2-128-116-119-3.roblox.com | tcp |
| US | 128.116.45.3:443 | mia4-128-116-45-3.roblox.com | tcp |
| NL | 128.116.21.3:443 | ams2-128-116-21-3.roblox.com | tcp |
| US | 52.11.92.202:443 | aws-us-west-2b-lms.rbx.com | tcp |
| GB | 128.116.119.3:443 | lhr2-128-116-119-3.roblox.com | tcp |
| GB | 128.116.119.3:443 | lhr2-128-116-119-3.roblox.com | tcp |
| NL | 128.116.21.3:443 | ams2-128-116-21-3.roblox.com | tcp |
| US | 128.116.45.3:443 | mia4-128-116-45-3.roblox.com | tcp |
| GB | 128.116.119.3:443 | lhr2-128-116-119-3.roblox.com | tcp |
| US | 52.11.92.202:443 | aws-us-west-2b-lms.rbx.com | tcp |
| GB | 2.16.170.51:443 | c0.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | ncs.roblox.com | udp |
| US | 8.8.8.8:53 | games.roblox.com | udp |
| US | 8.8.8.8:53 | 3.119.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 51.170.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.21.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.45.116.128.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 202.92.11.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | voice.roblox.com | udp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| GB | 2.16.170.112:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 112.170.16.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | ecsv2.roblox.com | udp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | tcp |
| N/A | 127.0.0.1:59744 | tcp | |
| N/A | 127.0.0.1:59748 | tcp | |
| US | 8.8.8.8:53 | clientsettingscdn.roblox.com | udp |
| GB | 18.165.242.74:443 | clientsettingscdn.roblox.com | tcp |
| US | 8.8.8.8:53 | setup.rbxcdn.com | udp |
| GB | 2.16.170.123:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 74.242.165.18.in-addr.arpa | udp |
| N/A | 127.0.0.1:59772 | tcp | |
| US | 8.8.8.8:53 | 123.170.16.2.in-addr.arpa | udp |
| GB | 2.16.170.123:443 | setup.rbxcdn.com | tcp |
| GB | 2.16.170.123:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 23.102.129.60:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 60.129.102.23.in-addr.arpa | udp |
| GB | 92.123.142.59:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 59.142.123.92.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | ecsv2.roblox.com | udp |
| N/A | 127.0.0.1:60241 | tcp | |
| US | 8.8.8.8:53 | client-telemetry.roblox.com | udp |
| GB | 128.116.119.4:443 | client-telemetry.roblox.com | tcp |
| US | 8.8.8.8:53 | 9.179.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.228.82.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.221.208.4.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 167.109.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 112.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 206.23.85.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 36.58.20.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cxcs.microsoft.net | udp |
| GB | 23.62.195.195:443 | cxcs.microsoft.net | tcp |
| GB | 92.123.142.161:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 195.195.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 161.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 19.58.20.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| GB | 92.123.142.177:443 | www.bing.com | udp |
| GB | 92.123.142.177:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 177.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| GB | 92.123.142.73:443 | th.bing.com | udp |
| GB | 92.123.142.122:443 | r.bing.com | udp |
| GB | 92.123.142.122:443 | r.bing.com | udp |
| GB | 92.123.142.73:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | 122.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| NL | 13.95.26.4:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 8.8.8.8:53 | msedge.b.tlu.dl.delivery.mp.microsoft.com | udp |
| GB | 92.123.142.59:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| US | 8.8.8.8:53 | 4.26.95.13.in-addr.arpa | udp |
| GB | 92.123.142.153:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | 153.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| GB | 92.123.142.105:443 | th.bing.com | udp |
| GB | 92.123.142.168:443 | r.bing.com | udp |
| GB | 92.123.142.168:443 | r.bing.com | udp |
| GB | 92.123.142.105:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | 105.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 168.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| GB | 92.123.142.105:443 | th.bing.com | udp |
| GB | 173.222.211.42:443 | t.ssl.ak.dynamic.tiles.virtualearth.net | tcp |
| GB | 173.222.211.42:443 | t.ssl.ak.dynamic.tiles.virtualearth.net | tcp |
| GB | 173.222.211.42:443 | t.ssl.ak.dynamic.tiles.virtualearth.net | tcp |
| GB | 173.222.211.42:443 | t.ssl.ak.dynamic.tiles.virtualearth.net | tcp |
| US | 8.8.8.8:53 | 42.211.222.173.in-addr.arpa | udp |
| GB | 95.100.245.144:443 | www.microsoft.com | tcp |
| GB | 95.100.245.144:443 | www.microsoft.com | tcp |
| US | 8.8.8.8:53 | 144.245.100.95.in-addr.arpa | udp |
| US | 8.8.8.8:53 | web.vortex.data.microsoft.com | udp |
| US | 8.8.8.8:53 | cdn-dynmedia-1.microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| GB | 92.123.142.16:443 | cdn-dynmedia-1.microsoft.com | tcp |
| US | 8.8.8.8:53 | accdn.lpsnmedia.net | udp |
| US | 8.8.8.8:53 | analytics.tiktok.com | udp |
| US | 8.8.8.8:53 | bat.bing.com | udp |
| US | 8.8.8.8:53 | cdnssl.clicktale.net | udp |
| US | 8.8.8.8:53 | d.impactradius-event.com | udp |
| US | 8.8.8.8:53 | fpt.microsoft.com | udp |
| US | 8.8.8.8:53 | js.monitor.azure.com | udp |
| US | 8.8.8.8:53 | 19.211.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 16.142.123.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | lpcdn.lpsnmedia.net | udp |
| US | 8.8.8.8:53 | store-images.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | lptag.liveperson.net | udp |
| GB | 2.18.109.103:443 | store-images.microsoft.com | tcp |
| US | 8.8.8.8:53 | mem.gfx.ms | udp |
| GB | 2.18.109.103:443 | store-images.microsoft.com | tcp |
| US | 8.8.8.8:53 | publisher.liveperson.net | udp |
| GB | 2.18.109.131:443 | c.s-microsoft.com | tcp |
| GB | 2.18.109.131:443 | c.s-microsoft.com | tcp |
| GB | 2.18.109.131:443 | c.s-microsoft.com | tcp |
| GB | 2.18.109.131:443 | c.s-microsoft.com | tcp |
| GB | 2.18.109.131:443 | c.s-microsoft.com | tcp |
| US | 8.8.8.8:53 | www.clarity.ms | udp |
| GB | 178.249.97.23:443 | lptag.liveperson.net | tcp |
| US | 34.120.154.120:443 | publisher.liveperson.net | tcp |
| GB | 178.249.97.99:443 | accdn.lpsnmedia.net | tcp |
| US | 8.8.8.8:53 | 64.246.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 23.97.249.178.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 120.154.120.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.97.249.178.in-addr.arpa | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 52.167.30.171:443 | fpt.microsoft.com | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 35.186.249.72:443 | d.impactradius-event.com | tcp |
| GB | 18.165.242.47:443 | cdnssl.clicktale.net | tcp |
| US | 204.79.197.237:443 | bat.bing.com | tcp |
| GB | 2.17.209.43:443 | analytics.tiktok.com | tcp |
| GB | 2.18.109.131:443 | c.s-microsoft.com | tcp |
| US | 34.120.154.120:443 | publisher.liveperson.net | tcp |
| US | 8.8.8.8:53 | fpt2.microsoft.com | udp |
| US | 8.8.8.8:53 | 103.109.18.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 72.249.186.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 47.242.165.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.209.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.30.167.52.in-addr.arpa | udp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 13.107.246.64:443 | www.clarity.ms | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 20.190.159.2:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | browser.events.data.microsoft.com | udp |
| US | 20.189.173.4:443 | browser.events.data.microsoft.com | tcp |
| US | 20.189.173.4:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | 2.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.173.189.20.in-addr.arpa | udp |
| US | 34.120.154.120:443 | publisher.liveperson.net | tcp |
| US | 8.8.8.8:53 | acctcdn.msftauth.net | udp |
| US | 8.8.8.8:53 | acctcdn.msauth.net | udp |
| US | 152.199.21.175:443 | acctcdn.msftauth.net | tcp |
| US | 8.8.8.8:53 | acctcdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | acctcdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnmsftuswe2.azureedge.net | udp |
| US | 8.8.8.8:53 | lgincdnvzeuno.azureedge.net | udp |
| US | 8.8.8.8:53 | logincdn.msftauth.net | udp |
| US | 8.8.8.8:53 | target.microsoft.com | udp |
| IE | 66.235.152.156:443 | target.microsoft.com | tcp |
| IE | 66.235.152.156:443 | target.microsoft.com | tcp |
| US | 8.8.8.8:53 | 175.21.199.152.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 156.152.235.66.in-addr.arpa | udp |
| US | 20.189.173.4:443 | browser.events.data.microsoft.com | tcp |
| US | 20.189.173.4:443 | browser.events.data.microsoft.com | tcp |
| US | 8.8.8.8:53 | xbox.com | udp |
| US | 20.112.250.133:443 | xbox.com | tcp |
| US | 8.8.8.8:53 | www.xbox.com | udp |
| GB | 173.222.8.59:80 | www.xbox.com | tcp |
| GB | 173.222.8.59:80 | www.xbox.com | tcp |
| GB | 173.222.8.59:443 | www.xbox.com | tcp |
| US | 8.8.8.8:53 | 133.250.112.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | assets-www.xbox.com | udp |
| US | 8.8.8.8:53 | cdnjs.cloudflare.com | udp |
| GB | 173.222.8.59:443 | assets-www.xbox.com | tcp |
| GB | 173.222.8.59:443 | assets-www.xbox.com | tcp |
| GB | 173.222.8.59:443 | assets-www.xbox.com | tcp |
| GB | 173.222.8.59:443 | assets-www.xbox.com | tcp |
| GB | 173.222.8.59:443 | assets-www.xbox.com | tcp |
| GB | 173.222.8.59:443 | assets-www.xbox.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | tcp |
| GB | 173.222.8.59:443 | assets-www.xbox.com | udp |
| US | 8.8.8.8:53 | assets.adobedtm.com | udp |
| GB | 2.18.108.226:443 | assets.adobedtm.com | tcp |
| US | 8.8.8.8:53 | 59.8.222.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.24.17.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 226.108.18.2.in-addr.arpa | udp |
| GB | 173.222.8.59:443 | assets-www.xbox.com | udp |
| US | 8.8.8.8:53 | emerald.xboxservices.com | udp |
| US | 13.107.246.64:443 | emerald.xboxservices.com | tcp |
| US | 104.17.24.14:443 | cdnjs.cloudflare.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | tcp |
| NL | 142.250.179.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| NL | 172.217.23.206:443 | clients2.google.com | udp |
| NL | 172.217.23.206:443 | clients2.google.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 983cbc1f706a155d63496ebc4d66515e |
| SHA1 | 223d0071718b80cad9239e58c5e8e64df6e2a2fe |
| SHA256 | cc34b8f8e3f4bfe4c9a227d88f56ea2dd276ca3ac81df622ff5e9a8ec46b951c |
| SHA512 | d9cf2ca46d9379902730c81e615a3eb694873ffd535c6bb3ded2dc97cdbbfb71051ab11a07754ed6f610f04285605b702b5a48a6cfda3ee3287230c41c9c45cd |
\??\pipe\LOCAL\crashpad_4996_TCVEJBDTDPJOWNRM
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 111c361619c017b5d09a13a56938bd54 |
| SHA1 | e02b363a8ceb95751623f25025a9299a2c931e07 |
| SHA256 | d7be4042a1e3511b0dbf0ab5c493245e4ac314440a4ae0732813db01a21ef8bc |
| SHA512 | fc16a4ad0b56899b82d05114d7b0ca8ee610cdba6ff0b6a67dea44faf17b3105109335359b78c0a59c9011a13152744a7f5d4f6a5b66ea519df750ef03f622b2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c76bf43d7fd34447c265955ccd716e96 |
| SHA1 | 2f078d6aa19c86a378e9df3f2fd81a84b3a189d5 |
| SHA256 | cae7a8220ea5b11f98d9030fb6c6a91b34b1907ceee3c662d2f286c832470ae7 |
| SHA512 | f915741ca9d35fb2cde2fb452c0a2384cfb436dc93817c15a77df87db1cc8f942e064c3a659e40bcd4918f5d350f5001703c1c6d714691453e7a97ebd74f39ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 7f49dd8960a7916f48d7ed8c4ab632b8 |
| SHA1 | f795e4a1e606f8fb9ac79f46ceb1e061b2ecd685 |
| SHA256 | 6931a83f5a7aab68c03eecc311c4dbc1dbe2bd2b02632620089c268c5215e930 |
| SHA512 | 0dad01ea067b26ac3c36cc8034f61f2bb5345523ce69ded727b57e58593e4c72540aba3194b04ba85b6e0d8f093d9c32467493ca52163948d487ee64a7914019 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6aeaab16ee99de9c13d3ed8203f3cc00 |
| SHA1 | 690843dc359066008b01c8432770d46795ff8123 |
| SHA256 | 8835feff1219a5baef1f35d09d4084a9a5c3752a9856ca0de5bc07682a3fd1e9 |
| SHA512 | 8b8f6c5793c37f015dcc526afc8dd748142fa12aeb99ff9ea5060c52b23b518b909cccf968eb12f2901c3cc6cfbfb95d37bcf56219dd7fc801aaf27fea4ec259 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | dbc5fa1094cd82aec16ebdf5a66701d3 |
| SHA1 | 734179309b10c8a83a47bca8631016e97a09f16a |
| SHA256 | 01d824c67762c12f64c830d1a39bd5b599cd76f203978720f8062592b0ce9a3a |
| SHA512 | 54b67b1e07ffedecfb895ae3d0e7cd1b41fecf40d7db59aaf74a26d410032fe356707f1789bd5385b166f05ef4c84aaa83a7a1241da253a303d64d57394e5036 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 506d4ed710e53b61630e1139378cb259 |
| SHA1 | 0d82b3d1ab5ef846b93e16543e1f001922dae959 |
| SHA256 | f6b970a4a30b36aac98fa896c516575421d1f3f1d36f9120078d2698288930f2 |
| SHA512 | 9880bef8c04124c48dfb734c371da07a2f797c179b4893a0033be28ef91af7944a0f59261a4235e10977ea85d33790bbb2a2e70e65aa781204eba5be22ad1fb3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 13159bb06e026ab97041efe387b020f4 |
| SHA1 | ab7d7d4d4d96fba447e26b4fb258e770af50a06d |
| SHA256 | 59cdba693f8e8fedf36e3c9843aa5efa0d3b466d202fbb76cb028bd3074ddd3d |
| SHA512 | 6a298e51f9a5835f6d2135ad2d0eb57e07ab502a0b4ea97a88232547009921633a44bc5c632e3f1a306051b35e17d083869eb6618d1cf379028562d1cabae5aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 851598ca07f8134e21fbdd7d77d791d3 |
| SHA1 | a226495c8be1d7eb6c9f9df1c11c1267361d1c30 |
| SHA256 | dcaaa67c3f1acbb3463a85e156fa054af5931832d34dd09ca5516725952f8d6c |
| SHA512 | 036ef6dc01b12c42cfb8a5f73e0153eeb2b49b23858bd87bf882121b8064b5594710cd9c90f66dc6c275d4d57b768c777d16f6beafc03abe2e79a9fe6417ba7a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 2a53037439c7d1ddb1387b5090ddcc23 |
| SHA1 | 0a13b348d942ee2fb7942066ac335b12285dd4f7 |
| SHA256 | dfd2d097a39cac361539e2b7cccf7ed904af17ae720f193db9a48f667b561a87 |
| SHA512 | 70657ab82ee235d36ab58a50a91b7078208e71a7348e8523c32748615e9a31525ef2207707e5b391ab234fc873df48fe4c2b1a734c4cd45bb7ccd2919685b6c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
memory/5284-181-0x0000000000A20000-0x0000000001B26000-memory.dmp
memory/5284-182-0x0000000006840000-0x0000000006848000-memory.dmp
memory/5284-183-0x0000000006890000-0x00000000068C8000-memory.dmp
memory/5284-184-0x0000000006850000-0x000000000685E000-memory.dmp
memory/5284-185-0x0000000006A80000-0x0000000006B30000-memory.dmp
memory/5284-186-0x0000000006EF0000-0x0000000006F66000-memory.dmp
memory/5284-189-0x0000000006EA0000-0x0000000006EC2000-memory.dmp
memory/5284-190-0x0000000006F70000-0x0000000006F8E000-memory.dmp
memory/5284-191-0x0000000007420000-0x0000000007774000-memory.dmp
memory/5284-192-0x0000000007890000-0x000000000792C000-memory.dmp
memory/5284-193-0x0000000008C40000-0x0000000008C48000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 793d5df67dd2bdac5b13002fe6a56feb |
| SHA1 | d7c7e4fc13101e854103ae0d372f6920eb1e6da7 |
| SHA256 | b89c6850b95a11456edd863216a85ff4f7d1b62941fb1f57ac975f821e7623e7 |
| SHA512 | 0dec6027427b4980f58d5f5c15b2bbc8a3de5b1b65335ddea7656d0511d022e031f61d11dd18cb0abd2e22e8accec6433e6faaa00f4d7720a8d0e7b003baf8c7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version
| MD5 | 838a7b32aefb618130392bc7d006aa2e |
| SHA1 | 5159e0f18c9e68f0e75e2239875aa994847b8290 |
| SHA256 | ac3dd2221d90b09b795f1f72e72e4860342a4508fe336c4b822476eb25a55eaa |
| SHA512 | 9e350f0565cc726f66146838f9cebaaa38dd01892ffab9a45fe4f72e5be5459c0442e99107293a7c6f2412c71f668242c5e5a502124bc57cbf3b6ad8940cb3e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\000003.log
| MD5 | cc81f5b1490562af6db9d56e0800d117 |
| SHA1 | 883fe909f72f59d181b6845b2f3498c3c47d1b30 |
| SHA256 | 6b8c824b5dc9278d86c0e9397413ae174e837ec8d872d4820927cc1e7d2d7412 |
| SHA512 | 9f15b376e9b60482fa564d6a397f6c729a79807682e35e8b23211fdb28c9f37ebbca5141961418c13fcbfe16f42660808fb0f39fe4f4836df7a0e69a24da70be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache
| MD5 | a9851aa4c3c8af2d1bd8834201b2ba51 |
| SHA1 | fa95986f7ebfac4aab3b261d3ed0a21b142e91fc |
| SHA256 | e708be5e34097c8b4b6ecb50ead7705843d0dc4b0779b95ef57073d80f36c191 |
| SHA512 | 41a1b4d650ff55b164f3db02c8440f044c4ec31d8ddbbbf56195d4e27473c6b1379dfad3581e16429650e2364791f5c19aae723efc11986bb986ef262538b818 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13367868737340532
| MD5 | f4ccb7aa1d7eeb1080155a771e96e84a |
| SHA1 | c7c01c9b5202ebe7014933fae27c519097577eb0 |
| SHA256 | 6efe0fb80eeeef408a0984cb93255b768e017aa4e45bb439dcd0028cd9b1c827 |
| SHA512 | fffcec8e45a9af1363230068b3fc584d94c8e524c34ffe5b74271025b45686a465e1b850d5546cdb24291f238c1944f8d819ac715f0be9ebd64917a30ee1509e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
| MD5 | f40e1dd273110776b005642288432fb5 |
| SHA1 | add365cffcc0323c09742f1dac054feb0f99bae2 |
| SHA256 | 6a1f4839cf0450cb7fc22f95db459be41b872b75770031589ae120a4667e0a33 |
| SHA512 | 5ed67d85a5ea8cb9ef31c0852fd03c1f691c6db1331f17ab769a2930d4566901667eb830af0e7edec3bd1f1ad7b2bdfa673330d0b50245fe28dec25cb4d223a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | da87d66fb739802bd036f04fb39f9221 |
| SHA1 | 65c9bc647a25b624715b1177affaad633c5ef3a4 |
| SHA256 | f825a0ae98885e72b90d6656ca1a4a75a8ac6c2a303af637a279945c1ff3d3f2 |
| SHA512 | 811698f3775d042d92cd7905e491e42b3b81100552ad195204931e982007c4c0db751ab77a46e6c5a908c3464a439b6073b6e706c9190d7817f4f3a3faf93ef8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
| MD5 | fd5257abeaf7b6d94fafa667e5fdd078 |
| SHA1 | 819f106efcd6c9cfbae6f987ae753a5ec15d0c7d |
| SHA256 | e8d728be9377cd6fa74f5b603088551e7c534f4c4e62e7391313568544ca52d5 |
| SHA512 | 48ceac36c43a4144c3e0f7b281e0dc8b4aba1aaecc9a5f71b5022af2d41db8f53b0a96c51edb9ad6d4e0af59be73179e5773d79b261eecd514fadb8ed4cdf822 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
| MD5 | 30aa6127e7c63c80fa5a0c3448720e8d |
| SHA1 | fbf6f50bb62b72cc4427e241fc036c32d77a1d91 |
| SHA256 | 9c688a1666b88781f9f2c6e282fd296764ec71ec3edcd4c99d0711adfe838b06 |
| SHA512 | a06eb4763cb0de91f31a2066903f4475e13e5a31714a265a2aed29ce1a205b2be978072272da10c53a36dbc840ce1cbbcb982836711ddf86d9ae233e214ce140 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | f86c4100387bf2641538dedb9e0d5b07 |
| SHA1 | 549e86ba24375ee618183f4323bcb73672052cb5 |
| SHA256 | 98b713daa29148ab8a183cba3772776e671b1a25b49be95f25b111cb97f24eef |
| SHA512 | d9aaaf619d3cf2715858c3d7299b59fc9603693cc71faa4477bd9c05aa628361e40bcb1106aeab44ca812d4f983cbf50a7af8bc2a5b67a851f8f08b94efa26a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
| MD5 | 55882cda203100c6d1b37a36593e9b9f |
| SHA1 | 59d86def15c3b6783739a18f048ba61871d55bb8 |
| SHA256 | b684ff70b496460b70629b27ef10bab3cd7ae48b9da55089dd1d4ab97af90bde |
| SHA512 | 3a1bc6b0f890d4b3ce80089525ef4bcdef7f0fe3478e01b5b3e8f1a3ffe92f0da2241a8bd248e7259f10137bde1520b237b6460613ba2caa3b4e3f148d879c67 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
| MD5 | 1f00d3fbbc7a6d04fdddd340cfab56ec |
| SHA1 | edd949c03b06e4b0d45a84a75ef50aa57f4b89c0 |
| SHA256 | 0d22ab29e739a0728b839da9b538ca6eb6f0066f04ba372f980012deb712af68 |
| SHA512 | c328f69267fa90263acb9fac8d046c7986447cc1443a7c8ce1068122f79cec25fd2f5c55e67e7cd32a3b73e149ad1231e5393d938665d526012f8f46a6e39674 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
| MD5 | a72b4558625781f441377f0020a3ecf9 |
| SHA1 | fde4ab600d4bcf76df8cb926f0cdf5ce1854269d |
| SHA256 | 3f7d702dac1bc1a3ffb54dd84605d33bed92baa7be8d109e7f85ee5049402907 |
| SHA512 | c2aa8de160905c374f026a301197236d0c06f6b06f321caf3186b3245a063f5160b2a7cba276136b7d80950e78bee5205bed3292d11fc4cdb54bb94df706fa6a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0
| MD5 | 3d85b028ecb81f608d3bb775b0ce6555 |
| SHA1 | a45b7077d5bf821d4d70261c5f9e7df6d754bfc9 |
| SHA256 | 0514816199ab0e31bf5b1a5887a9be7fadd24270c2e2150973d6b37d144654f1 |
| SHA512 | 996e45f1b903c44abc4ff13e358aee916f60cee8f8c39ee44ca259a1006397222596d6afb238aa1a46d045bbb09414a406730a93645fb8b9a11274fbba336a2f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1
| MD5 | b4518497b8bb95bd3c96857d3d94f942 |
| SHA1 | 52e05cbfe30bf1450c9d63fff754615e5494677c |
| SHA256 | 34eb65c7624fd9b88704dd2b05d40dda0248dc4ce686b9ff1c3aa9a08fb4da40 |
| SHA512 | a8a3fed5034a1323f493882f9a13b619c2b49fd8d8daa0a62646e42ba91eb5d13a7465ef717dbf150a5a474117f1551ca9f83183f6122256b8e28038a3d2d56c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3
| MD5 | 732300497ad913ea5dc34e9877287ee3 |
| SHA1 | 317939280ae239bd81cc54bcf92974f8991eb621 |
| SHA256 | 56739a3d5e0cab510a959759946899bee6462af1bd57769fcd0946d040f7380e |
| SHA512 | 5ea60ce03566a37643f693c9249e631f3218ceba43febd3c416c22b37b2df09c73ecdd753c2095e7ea9e80fa3da3c76a73d3182c1bce9996a4b859db534b03cf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1
| MD5 | e919dc8981361e692cfd399fb1458863 |
| SHA1 | a8748e3837ca3d5f961f13bf8454b7c53b849615 |
| SHA256 | d31a29ac8a584df62fb8b762aef8c5992a7c0f23cf9413bf9bd4c02d3166b2a7 |
| SHA512 | 808f6f0ba0f1bf8a6feb490d5004c229cae336284032e3d663ca215d6cb20ebf5c6a16a6eb6a9b6ff02796ff751213cd3ea9b165502e0a2ab27a7a94761688d9 |
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\9cd93bc6dcf544bae69531052e64647ec02f2bb4.tbres
| MD5 | 97a531963a623ada110493c155427991 |
| SHA1 | 31db02967f0f696e38d2f7b875ea5e29fc4708c8 |
| SHA256 | 8233f5efbfbf7afa4cf43367f22d034221a5715d663a8e4e85ce4ae67297cc57 |
| SHA512 | 1c6dca84b5074af250cb42137716a190b33e89fb6f6d7105437b88b6681973032c310e0b3bf9ec3f4dab15f56cc22a04e0a2c587adbe30ca98e78fcc3d16ad20 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0
| MD5 | d20883e803b670542a1633885e4f187b |
| SHA1 | 4946ee8556854b3edd9db8800d0554d283063ece |
| SHA256 | 76cad733f1473da50cfb28e5e2e1b2bcd7ff557a38cff460507fd1114c6b7b01 |
| SHA512 | df2da2941eeec2100ae30513b7dd4c15e508fae875a204e1810a4233e977a42b52557be4260dfd56942b1e6f8317d0621f5ea5b84d57a1585d9e1d06e0f07503 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | df5ea85fcf44325e16b6189fd79386c4 |
| SHA1 | 23ee5c1555a851feb0b577c5bca7f5a7ee9af133 |
| SHA256 | e2df37e63ecadb0ef644bf654a1c790ff49ea00f5cd4410894f26804bf04acb8 |
| SHA512 | b7974c65807a7294d1dc32cf42ddfb8cb40db0fc904db2a6d1363d3559794ad91609145eac4fdb30501a8c783733950c380d2e866f2b86c139d6641a2d2345f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
| MD5 | 5d9ceaae435364de8cc9471b7d7cdad6 |
| SHA1 | 90825044e1f02492dbea246b74dd17786c775584 |
| SHA256 | 0fe346356059dd3638914573d47d91aed2fac0357747130c169e7708f7d9941f |
| SHA512 | 355b3ec080deecfebe1fb8e5699b68f2974ccd4adf96b314b4c4d4fdaf27e9181888b0b290c570e41c11fa84415699734662985cb91ab28acb35ff66d7e2ea68 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
| MD5 | 470be17cca6efd2aaca8da1f73f7082f |
| SHA1 | daa30f3b19a8a42775610055e00b19b73a989385 |
| SHA256 | 52eb424508d908394418ff4cccbd3c7810403b5a42afd9812063deb47476037c |
| SHA512 | 3ae684128369ff5bafc4beaa29de3e78591fae2ec973dc34bf9eb8697c9a757461906974e89f925e8a712304f8792118515ad5f561750b2b1c4c346feabbd2b2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
| MD5 | d7d9437445aa960dcea52ffe772822dc |
| SHA1 | c2bbf4ac0732d905d998c4f645fd60f95a675d02 |
| SHA256 | 4ff49903bec1197017a35995d5c5fc703caf9d496467345d783f754b723d21c1 |
| SHA512 | 335eb1ba85670550ed1e1e4e14ea4b5d14f8306125bf147a42de4def5e5f75f14c422b014414030cf30378c04f748ac875cf056adda196511a0b057b3598fe9a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
| MD5 | d4ef56c8a5a6b0c4610d49d07e86e3d0 |
| SHA1 | 7f691fd5b64c2f6836f27342d3c994eb0c058d7d |
| SHA256 | 25ca3f24d6328ba3d1699c864378a3ecbf4f89c2a4054e3672cc89aac903df2b |
| SHA512 | 6c41894cd88889cc971732e9fac6b8872e6b6d2877092fe5e66cb8c4109c6eb4dd28cde8d68fc1fff719826a2e994b39952a47108843e30f13d846719aaa46ed |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | 1910066ae8475d5bfc64339bd24593c5 |
| SHA1 | 5110cab1b76a3e97fab97f2f82edcd755a77ba07 |
| SHA256 | 6cf8838e2b75063cefa8fb7561e6dedcdc2ae474fd987a3d82fa070e71f8a8fa |
| SHA512 | a3be5659d3af58db9a37d35159425d62c6b53e37e542729b18d5c60136b10d96c0aeb511719895325e01b707fdf93cbc2731c7fe9f807a9b6505a5b43d87b52e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
| MD5 | 7b4a1464b0c42beb6767729e1c055e65 |
| SHA1 | c6b5d83ce28b71ecdeb23df0b8a68157e8e47043 |
| SHA256 | b7af2d75bf7bd271e7e356e5c98ee8e489d0787b443d62b2af8ed961b289deb7 |
| SHA512 | 492358018a0db1325a3f821bdc232798d0a047bcf831181fa6c08f378dda231508270e9a6bb2159b37de05f3b07cb4ac87b16311d849e994dfa2912c00833eb2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13367868737200532
| MD5 | 6fdc49b071af0ff169a4c56e89c81b0f |
| SHA1 | 35c02992384177f7da2350fd285ba2c9fb21c76a |
| SHA256 | 08729e241efd867b28f9ee8e08ca3760b45d15b4a4759a8c959b5d7653e66f89 |
| SHA512 | 931585f3ec05b14d295f0aa9dd2b7ed0d1db3d3cd898123493649f42c9b52366a30834f25099b15369cee6d4e3619d5b674d75c9a9b4086a3c924106d7cb2ced |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 367421315779c97e35e47bbbe9db071f |
| SHA1 | 776ad6ad7917c6e801a2841fa07429673c5f38d6 |
| SHA256 | 7362712239ba4d2d4c52c98d0e2dd687efabe9606f06dbac4feb5dbfc74ade5b |
| SHA512 | 50cee1ee4d8917b7be439af4087dbcc8ae083eea595dfd6d7c75de454a940ac133f73d9ccf0d2f2ebb9f7116b740087847c28e8daef0b27db28e691ada60bb37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2462e91a3d25c29df657940161d6dabe |
| SHA1 | d911850c9d0ccb1b8fc94a8370c74eefad9c87b6 |
| SHA256 | bbcc78dad2dbe87048369b450853c4ab314e2c4e80b28223f7b61f38959d7a1a |
| SHA512 | f6c3c70ac58ad636eb954d899d2f36787bccd3904cf0519bfb1c895a6473b21486187964a36e48330c85c09b2ec292b9475b394fd9e2d8dd95de3adca388605b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | c753005e8d5d6aa656b8826df75a47e7 |
| SHA1 | 51d31b50cc69d73f73ba5d7b547a11ab2c8d53a3 |
| SHA256 | 41ac5d6bb2295e9cdec472acf63c97f417bf7f3f1a9f1a6a8483a9e46f457e12 |
| SHA512 | 8dfb070589632d8390ecadd70c1e87c9e6d67b1a4d9963e424a464af33a9446c312f439f6fbd89bf9c1178b1751947205656a4c40e8592e25872f337a3355413 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\edge_shutdown_ms.txt
| MD5 | 69266b3b069bfc01b618cf566a2c71db |
| SHA1 | 8d729507466105b91095b18515efbac743a152a5 |
| SHA256 | 730bcb907cca77d5cedae988a1cbd6a3abd226441966821d1ba96916daa1cf5d |
| SHA512 | 4a24ff4742096b254e9118efe5695152a57c6d8d834dd5d3a0c636ea86c70ff4c94208706d7bfff661767fd79e783e9c8f1a70e9e37afa43c88d5cf0a745f200 |
memory/5284-345-0x000000000FBD0000-0x0000000010174000-memory.dmp
memory/5284-346-0x000000000E430000-0x000000000E4C2000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\85962131-f3f5-4915-b1a7-e7cbbd8cab1a.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\440ce11e-df9e-46bc-807a-add068987f72.tmp
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState
| MD5 | 02c8c54cb38e1629e0df7ee96f1ec023 |
| SHA1 | 1737afac94fb552828cee4e27be1e8cd3fe6fdb6 |
| SHA256 | c515349028b320171a1a908c784c52802db022b6e08dfe01aeae2ae59da2990d |
| SHA512 | f2dfb1e0963b92b433df5e1eede6912d1fbe2ace57029f1a69e546449c87c99cb7facf013879eea05e517ea35a651b46185e12aef72b2e7b63500f6452f6d546 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\1df82443-497f-452a-b7b1-2f4fc1f70c8b.tmp
| MD5 | 6651b602fbf9a5217b2ba3f5c438d5bd |
| SHA1 | 49db7eb2d26ed784be1883ad5f9dd0d66bc89122 |
| SHA256 | 78340885749fb6bc6f8a565a29aa6cd00686e4ac846cb104c6b24278d4966d0a |
| SHA512 | 50ddc71fd776b2772c1bf41dd74e18902ea3aa1454873f1c7107f7f287d7608c320034310aaa5b56642f369ed01c4aa85c37ecf5fec8d7fdbe76e1e19664c8b6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | cc3a430530485c680bc765e65a6304da |
| SHA1 | 8a7c14f2fc9bfefa68e5ee7b4210db2314e42390 |
| SHA256 | 7f8f8a7a12048fc25b6a93b75c3e7fb3714f96dfdff6e3480a17ab7e6dda9da1 |
| SHA512 | c0000e0604aaced1889432e589cec3d28388fccaf9f9926259f0b97cffe9b80df666d4c901e36403e8f1de96df9dbd893596ee70657bb21efe88f9610f3b37fc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 0268c1245cea5a4b2f1f48f54c556dba |
| SHA1 | 1fd8ac3c9ac8270397bf59574fd464ec7d984e14 |
| SHA256 | 2db7ad982a589c54856a02800ab3ec34b1e92006f3f44a04bf746429ca7b36fd |
| SHA512 | fa57cb4cb40a750f44a3b38b62649654040091c163f1fc6526e4e98a6b2b4115cb122f499ecb55bc0bb6e2fafed27dde2e82fec5e6fb055a3c4682b3fe4fc4de |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 83b1722c8fd2660fb5ca4ba0f8c83b9a |
| SHA1 | 6fe1661689f214a5121ed23a6d659afbf5381215 |
| SHA256 | c0889554f34aa24e792b79f1d15a0122d09f20ae3dc6627111ac5afd6de4d8c6 |
| SHA512 | a14992e5d678eb62521c64fd67996034a654e4c79e11ac904f2c656c07d4fc0512e8fc9bc900753d979ab9d3d9e34e0c237c3ece97479d6ba62baa84a7b9ffb1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001
| MD5 | 48d2860dd3168b6f06a4f27c6791bcaa |
| SHA1 | f5f803efed91cd45a36c3d6acdffaaf0e863bf8c |
| SHA256 | 04d7bf7a6586ef00516bdb3f7b96c65e0b9c6b940f4b145121ed00f6116bbb77 |
| SHA512 | 172da615b5b97a0c17f80ddd8d7406e278cd26afd1eb45a052cde0cb55b92febe49773b1e02cf9e9adca2f34abbaa6d7b83eaad4e08c828ef4bf26f23b95584e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3bd4fd71201c5d818b3c8ccb88a1ea14 |
| SHA1 | 4306bce378bf5fe93f0bce5d1ee7e390271c869e |
| SHA256 | b653ee01e018fe8cd04a9c5c072185753a5c7d8e2868f8268d1716d8807477f9 |
| SHA512 | 79b4fe4facf1d40edfb665191c06f7a08f12b62509fc7b065945568cfad3de30a49179c3eba102abd7c5bd2192043e8ec20b42cf6df5f088e99ae42c0cd4ced5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4370c136f7714d847566b203425bc92c |
| SHA1 | 5fc80b297eae5da48a18904ba5c9309a958e55cb |
| SHA256 | e974df3106329dece5c7ecd628b7060b752d3996d75013e5b2238e9d53a42d6a |
| SHA512 | b337e2b84c941da5acc6a31e82e358f50d87a6ef38a60d94619e7db2baec1ae02aa2afd500c01f68f1f8c6e414fb35ab8538947916b32e36aab64721166c5ab2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d0b0a67d30586bd5666f8238006b61d7 |
| SHA1 | 3ef5e934650b218a9516eeafc03e5bde71f7ca48 |
| SHA256 | 1e4f9aea3a4143f06976282c60da197cef2890dfd74f461840a1bf0e5dd6eb1c |
| SHA512 | 5cc1c8c374bf3cc10262c72acc4c09bf78d97b1d5e7b062afa7481805ba559657ffbf5f55423ec644f5f9f216e48e8b4c51ad30fa890c8058dd5ccb1de66812f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | b7b9764cca520d86ac038a97d3edf8da |
| SHA1 | 73692fb9a186656f34317dab3b3afa699c7e8a51 |
| SHA256 | e7a53418f6ab1620a1027422c920cc0ce1535c2de268be60776c97f6fb8e770f |
| SHA512 | 2856794bb7c13b3119be9a8eac68dd5c4cdbf8b20bfcd641246dea9d521b8899bcd3431ed460c5e05e3a7ddd5847964b4d28750ba2470a4d4e1df7ccda1be19b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 897d3fc76c34c1c7830034df139a0e7d |
| SHA1 | 8b97d4147c3cd1a5fc4f2242f8b0197e5fce627a |
| SHA256 | e4c86f1b4424b377d1078a406eb8b6880e4176dd484ad10a2a68c57025db6b54 |
| SHA512 | 7447f0848a509af9013d32441af5c22e1b3a002473bb044e5732c67d2e72b0969cf5b1ed05e069a4ca60c352464a793df940f01c84afd732bad36596239d5712 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | f004780ac025f288579081c76b257f0c |
| SHA1 | b9aba660085a3d0a1bb55596d22a7a6885f762c7 |
| SHA256 | cc11190736b117a8ea996ed860768d3aa4b1194e4638124bf17fa802e99efe4e |
| SHA512 | 99e9b494d99846a3e22fbe5f63ff2eaf06b3832168fc6bf2d40574ae0854b0af0be4879021d2ff012d3ca1e8b212d0fcd7474dc0c722311d70b543ae015c1101 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 76d170504bb201c007d58974b6836c20 |
| SHA1 | 161c1f2a7e184563a79954f4a023a12c786f2b00 |
| SHA256 | 51196b8a710f6291c32eeb4af7c299433174b989fe0d4900a6fe3f7bce519f50 |
| SHA512 | 648bbd680e37566a2267ce77cd414f78631000d120bb092ad6bc2c5d0cdda7848fb63f89bd5120ea58b890b586099b884eed173ed47b389c4c7b10da39267545 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c4715cd71f454910f67525062b770f41 |
| SHA1 | f7c66cd5c269895d180a3dc758ce182b42399cb9 |
| SHA256 | 2055080853310551a4950d0b7298f9e84c9f273f9a2fa1d4d885badc09c232d0 |
| SHA512 | 6d9694bfd92a90424acfc7b37bd687751248b8f3af53c4c7a7a9e9899eaacb7ebfad502dddc02eab9fb555623e55a34e1fc3bd8a2485272ba7d93ad2771a898e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 429c6f7dee7b3c387631eefd5094e8b5 |
| SHA1 | c3ef0737a214e518cffc08dbc5c1dbac7276d8e4 |
| SHA256 | b335ca39ba1b582afc52b9969202ab92dcddf5a1804608d7e5149177862e008b |
| SHA512 | 8eb9c2f802bba6540df3b2a5e16d31af452632e44f130c230dfb6045570e239ee876d6a8baff361ae5a9d2e16aab4dc02aaaa78177107e17ffe0227e1a853f1a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 715d35019ad7c8b2c7a09341ae31f4c7 |
| SHA1 | 9c3fa3ec08d4c477cd597d72b011a42011bb6efd |
| SHA256 | df7010ef8b896b743d23c41e504d936f48a4b99b3da1ff4a077ccb4874362696 |
| SHA512 | 2c1507e4fbe4ee972d3cb86d256c3c5de96c38e8292898ea2f350f7378980de5fd30cba674cd51223016bef1194efab2e46dc5ecff9db892843f917bef12d455 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0a671673591c1b90d93426c195e54976 |
| SHA1 | 965a60a2e3ad0cca4a1a9dd25634a64ab374c251 |
| SHA256 | 774a412730f977aa7a66748f3c776592835ebcefc67215af33417eba1c04a46b |
| SHA512 | e42628bf4a8167a836a0c90dfe9c44e5fdd9e8a1372ab58e46abcf1a0fcc64935bbd3538476fd95f5a15d8b119c5db2da8555a5603fecdf5faddb41f7223bd59 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | d3da1faf95013439dfa92b3e53c06ac0 |
| SHA1 | f05bf153fee7d7c192baf891f2ed1605de7cf636 |
| SHA256 | 13c4a788c386161eaa01a4fd1a99a3c86de2d9e9cc54af10f9ff8ba2ed37ead9 |
| SHA512 | d215bb71fdad3a05895c140eff10372a4a9b9f0605c219d1602bf8e2e1162cfe47dfdfd43c35e48ba8ec377d1db7820ede1b71f3b1c6b0411e2af53779d8b8dd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 334d68e97a25dd7d3e569f0c25dafbe0 |
| SHA1 | db1e2abd0d8b2bda9be0ed0909f07346cf42dcff |
| SHA256 | 2b41a0b1721abb0ae4bfbb0c5af022774f5959a048e72ec67c03571110d84d9b |
| SHA512 | f466bc643ee87086e8a3d13f9e7a359126648b929206e0738e0c3c3239adfbfd5b6051272a57ab683d8a649a67d902f8c4cdab951d87b8fe19d32b03025e51c2 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 50143825034af8153a7b7300e21742a7 |
| SHA1 | 2437968e3df0dc17275d2e8d93e98bd864e8ca5e |
| SHA256 | 6138a54caf37b140aa6b888856841510b15d997c8c96e8f95138a1d876679b38 |
| SHA512 | 07b6a94a284a98d487fc2a27f677ef2d9052f190545ca66554fd38316443deb0d221e70503f543a159807a780f0a4a544b9befff15d7b5215c30bac1ad375f7f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | b37e256898470833b8c2984ecc8a17ef |
| SHA1 | 93b45785565843aabb0df4cfbfd9a91738449153 |
| SHA256 | 2ac4acd8dcf2f79c6c505fea7b25658add8fdab548954c5eea01ff0d10f3ba5b |
| SHA512 | 4af6d44ae0d7991c9daecdbe3d3f5bd74357a61574fe8d716e495a14a8dfa13ac70766e5ea951084deeb9a82b66d2b2e4835d49d25db468361975014f479dec6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 1e4f440e39d41a04b1e82a74d2782dc1 |
| SHA1 | 3d8aeb39205695c14945006e84e57f9216d3f392 |
| SHA256 | cfbce68bb594f281d7e8e61c080697554f269ed5043186a816b941398e552779 |
| SHA512 | 13e47eccc6503d50e6e27faeb19a9eaeb0c78c64525ec48558768cbe29030ed5eb0f5b69237ee5fc3e489f11f9e6d3d1771f3d3d514e9504cbaf92c5ec9e7825 |
memory/5284-1230-0x000000000E2A0000-0x000000000E426000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 17a167bec8c4efff17df8ccce1e56d49 |
| SHA1 | 14a8aaaf4d1ab8a2f9601b1ea16d62e34223d588 |
| SHA256 | 8e90d3f705534a3d7375548a448c5309d714ae40414b43c1d125babc6759f4c2 |
| SHA512 | e07c9b09e1ce31d56268f815cb4b558a33bc06dd30953b583f0c9304b95851eca6befb9d67a37bcaf83b3d79cf67d24d782fc36caad16c898a9179213468b0aa |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b233f0a274897380cd24977cabb846ce |
| SHA1 | c871bbb307c91555f88b4a81c93175eacc8bbd0a |
| SHA256 | abb5a53de17199a4d843ae5824d35a75c4125500e6e38f2e6deea19940e6bd03 |
| SHA512 | e07ffe8b2114fbb6d80d6b8489a0e425e05f9cd29d5ba58bda434afd25b35d14bba84ba874719a72b07d0065f5576a82b690b1bd343940e79d378ec900e13424 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | c492406999472d5429f4efded982cf93 |
| SHA1 | d14cec642173546a908fa25674cf7fd2e1cb1c23 |
| SHA256 | fcbbc31fba9e0b993dc1a1993e2d851b3e480b388389c7a4eb0af1eac0458c7e |
| SHA512 | 37066f0ac130f7d78a4b42f521ea301273f3ea8d8033e3c6805f4790df4200e321f33414fd47e5ca84130028e33f8f2df070bd41b379506b09b68bed5119b19c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1530d1eaab7eb75215b189285f673996 |
| SHA1 | 40d67e1e41c61b988effc1c37551b3f7e5a5c4db |
| SHA256 | 6e1792f46ffb21571f4a23adeb7af4dbedfd2ef5583155efeeec241ee4fddd8a |
| SHA512 | deaad3fc9a4d316c15304d34f48fd36241eb40879c34b1748a5f82657cd215ed1498dd6f3a07c674e25643f1002b1f4389004bc59f6129ee15ebae89482c6a28 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5336f06c563dc98a760192f5b6066e4b |
| SHA1 | 5019d312c3c7f877bdd0c9ebf54adf0a0850ecdf |
| SHA256 | 3394d06389ec8154161ab636323d0c7a189b67210f10303aa70c63fbe2cb7b50 |
| SHA512 | 2ef979c01063979c7d6c65ddf37f1b5eed93651fb682e062653d8f66f89174ac9056fdbe98c5258b7b71c1ee355f54c8c0658e7dd8cefedcbde1eb1858a6ca42 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014
| MD5 | fdf09c3c067041ffdefcc9e1bdea9718 |
| SHA1 | e31cf28187466b23af697eedc92c542589b6c148 |
| SHA256 | 144754d90b3eaad27d8a11c86faadb24da4ddc251bead8e43b9ed515fafb84da |
| SHA512 | 9e32b294cfc17fd52fbdd62732571f4ee57dc0308d62af476331887d0e2446b483ceac06ba4617cfbb1c347d771c0f7ea12108bc384e93f69b180c7ca1a92268 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7317262daa1e64718b037a8d036879b0 |
| SHA1 | 4b70583c9892b3f3ad74c57fd8738f0a4bb20d29 |
| SHA256 | e82eadb72010fbbd09a213ccec091f0af94f0e9ba4052f1f54aa8cee469bace8 |
| SHA512 | 97d2ada0374532191c77cccb69f838651c3484ec8b654a196e71d838013825d12cf96774b24bb0a81868c0af25048de582cbcf80b5ff86138f258eecbb99c7ab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 626360caa0ecf2641c9fb9e1222f4df5 |
| SHA1 | b4a3ec9124237f3b7c45fffe38dc486c31fdc9d6 |
| SHA256 | 59b959db3332fe858ec9d4c7ffb6bf7a293c1ff1a1bf52c67dbf343e06be0645 |
| SHA512 | 048c7228d2dcd467c7c03bf13b756bf7d291d0e084a0604d778b00eff2f8170a5c8f7b1b45586cc82b98c4b2894016fc4a115c8d5fb6484b61d7bfdf3cd74ead |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 5f506560d67a80a3a09e3ea112c03e9e |
| SHA1 | 6dec0b87789eda444a242e733f65bb4175e5022e |
| SHA256 | 43b8019fc604c7611c128a7920205180013df4f7fae51911d0b74de5c08c8c0e |
| SHA512 | 99a58c170d1d1327799b4b09df9c905f6b7476702eddc78b5ed72ebac620122c619d1f0fecf90584362112ea05671f41755c99491abe1d5e09c467296fb1fccd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 91d125febd95d03c41217a57f558cc1d |
| SHA1 | 1205051de8b5b3d06f3459e4c6a531482c24abc4 |
| SHA256 | 26a07a2e0b4617444f948ec1e019ee54dfa525ee28fa286206d2a4095b52c07c |
| SHA512 | fbf2d69f08b3434462df36a366de4c357aa30006f581c0a71cc02209f158bbb2645989b25453056d73debaa6372fa61da3b53b8a1a2bd28b9c18769e351b4d8a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | df70b5da918c866cc10e100dce4661ae |
| SHA1 | 64c4aee23fac6cbf8c3aba20935c309bd74d595c |
| SHA256 | e30268ce7f3b07f50ba51df7541dbd0f54ab8c1a1497be3302599ece967c7202 |
| SHA512 | 9bc3690bf8995ea18da10cb6c8e4938d78b8606dbec21d31c48c48c132657446ba4b236d1329f18a582fab62ac6ce7897b1c015fd44e53c12a275a1250146469 |
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
| MD5 | 3191d6165056c1d4283c23bc0b6a0785 |
| SHA1 | d072084d2cac90facdf6ee9363c71a79ff001016 |
| SHA256 | cbd127eca5601ef7b8f7bec72e73cf7ae1386696c68af83a252c947559513791 |
| SHA512 | ac0fa1c6e8192395ec54f301bc9294c2a13cb50698d79d1ca32db9d4deb4852e7607032733d721bc5c9fd8d1ce5610dd73b30b66e0302141377f263a3b7fa0f3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | cc8c80e82910b05eeb4a20b4387c4f35 |
| SHA1 | a8526c48966d6c6434cad9b3e92b8b798950de0b |
| SHA256 | 6f154a3255216ec2fd08c424eb86c9383cb442217da3e159a4163ae807d2c0a3 |
| SHA512 | f2e2bfb63a87df88fbf31f570ae86ae791c0aac1b1ed0579b5d6b9b2c344c31961e68402b4f7b305014eeeac4417ce0c842333c8becd6a647aea65e98ee996f1 |
C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe
| MD5 | 9f1edaf7fec140c4fbf752bceb8faee9 |
| SHA1 | 446e908ae656e01c864606d2cef06ed8abd96fb3 |
| SHA256 | 810a386924e8aeb9ad6a432067a96b9af05b2070b4a034b28c6d715d99740666 |
| SHA512 | 2a97bdf30878cabc8460b26baa810fce2f06e649a98937c4112e674ddec24a3cab259b820fd6a382a11cb7d8167b33ebe28ae7e10338a283b299b9c5a4951f0e |
C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\576e1c153e9a4c8db9cb845a7679bfcc
| MD5 | 576e1c153e9a4c8db9cb845a7679bfcc |
| SHA1 | 7fa5235289c1eb038774cdcf30be21cb72771201 |
| SHA256 | da54941bc273cb5ea3c50a3df7983f6560114d0e9f6fe196a2077e3810f561dd |
| SHA512 | a4d956c4c860ba9b652647c4fd94ba0a617d1ec3436a8fe267292d36b38805acc4f484aa65e9c45e20c10536365a13645d25acbdc4c23e7506829a6f603820af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 045933760ec7df0f832723208cc26799 |
| SHA1 | a94898d8a2dd8e488c5f1e32be7fbaaa15d32fee |
| SHA256 | 756a58a8357b240ba880940939e3f646eb7a75c640dc71db700482e5dafe6ed6 |
| SHA512 | 399b5cadfb2b0d6ff70dabc17666a2a2d56460fbf6593a7b8373578e0893f3efaf2f694d5ed5495c7152de579c7c2e5dd3b2c5bf5b3ecfec6fc4057e967078f8 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
| MD5 | 4dc57ab56e37cd05e81f0d8aaafc5179 |
| SHA1 | 494a90728d7680f979b0ad87f09b5b58f16d1cd5 |
| SHA256 | 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718 |
| SHA512 | 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | a6a28c0d1a6999ef91c5b2c13400990c |
| SHA1 | 86ecee800fe4503bd606a571d192a0537e288bc5 |
| SHA256 | dbb7b45b09945423a395614b07da051ac16b9c7fb792485634f2084de80fb451 |
| SHA512 | 0de0b71e01184235c7f481d3b252fa6be6dfe955883e9bf657022f810aa91e11543fef21f83eaca681cb0b59d15eb13cd70511162c9d68904231e9d9b0d0a2ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 8607c27aa99162fc5999205afc7f01a6 |
| SHA1 | cbee97d21b96a980e8627973b2bd16786ce1fc9a |
| SHA256 | 392a252760b388924031964ac9d8037f6c0f226821d9fa925ced7a9737a073c6 |
| SHA512 | c121f7db85633035fe615b890263295230f9e364811f674ce1f521a8e0840dc09a41cd39eaa96eb0c6f90f1e5212d37bfca251971da1751b168af8ee30607aab |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4ced1c780db94ddc33b94ad331d029a4 |
| SHA1 | 9c8c09aadbc17c5547ba37f28437a0c5168e00d5 |
| SHA256 | f5c394e0eed5a122cd990ec22caf8ab30e9e67365950d57cbfc48f763646107f |
| SHA512 | 7d3b68f8fdde24715c5db0e922dd61af50ac180e44d1b1ebc6c873c5d2d7dfaacfa88abf46655b0ee4faad8c0db1bd8dee3bd3e361bd29dcc3eee45ac35eec90 |
memory/5024-2059-0x0000000000EE0000-0x0000000000F15000-memory.dmp
memory/5024-2060-0x000000006A2B0000-0x000000006A4C0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 112b147d674c9b70f8614a815f9a1b74 |
| SHA1 | 7701da9ac9d8e0d34a86bb9cc6766c55e7641a12 |
| SHA256 | 093e689c222e3e0050efc33b5d894ebeecd9b6380135925f24870c08a2dcc781 |
| SHA512 | b1ea0d1d338beb82c5fb521a1de05241706fce6f154cc78a9c4772c1e30c5c202909dffb5393ba2cc23af3b7f293c0cc60272b1fa716e8e6e7c6aba279c74510 |
C:\Program Files\MsEdgeCrashpad\settings.dat
| MD5 | b3bf59b09ec7037b8c7f246795fede0e |
| SHA1 | 195c599e2032bc2c0f90c0b98d306cd64e24faa7 |
| SHA256 | 105647640194eb331114c8ffa7f422bce889bf43ad955c4662af1e9ca56202ec |
| SHA512 | 3c1fe7b80db91e7b0e042772b43885b13ab0f6e6e7af128e7852beb78a2f683870ac66d3ea5bf1e8dd0714b566e46ab463ce208e45d5490caad7e1bc7ae41032 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 704753e32311a1ec832d0cf59e7f6d52 |
| SHA1 | 334dd5373a6cdc452eaf835fe94417334e96cecc |
| SHA256 | 9f961db4c767a48b631a13274fbf98b6a6ad30ceb281bc5a90e028e83fa10dff |
| SHA512 | 5f279d88ef5a1a4a5afc2dd28e1f44ed018f48d4cb5cdbab569eeb139e22ac0183f8328f21ff5da5b194af3b6fc4dcba70198ae110f302cddc18f589b14acf7e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 8a09b7c93df4eb9dd09136ba6c165822 |
| SHA1 | 9da5838abace0ff09ec1224d415408a3cfdbb402 |
| SHA256 | 8e74ab6623f641f7500ee3b61c32f9bec762f7415118be8e8b052e617dab64fa |
| SHA512 | 2585aab8133998de6b79499d9bf3b11ad70f5bcc6c6fe87106576bca07d9bd69b0d8dca601f08c4a1b2544394d4f180caa93696985ac5fc97c01406ff3a3cd89 |
memory/5024-2117-0x000000006A2B0000-0x000000006A4C0000-memory.dmp
C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.98\Installer\setup.exe
| MD5 | 527503f430c5fd4a542f8c0f163fde47 |
| SHA1 | 6b4db644895df6c71b547d8b147ef3e327418f9d |
| SHA256 | d1d9b6fa51141f58b95191c8a62cc5a4c9568ba4b70e3deba4e1929df9a97628 |
| SHA512 | ece940340ba2216966b6d4b28a950826b55f8987998c101c534331674376b148dfbfacaf5c78695944bf940dea07ed4887f9572e09c118e307752036679850b8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 78172523e5e15d2a8c444b6eaed39ade |
| SHA1 | 4fe1850179559378c2cfc2eee093bd98aea75fb9 |
| SHA256 | 303bbcb2afb0580ce335c9014188999a58940827f03e4e74be46d805b115ff9a |
| SHA512 | 190c0ec58c2ec7e3da1c3bd3a858e1351931c0d5687d708488841e93246931a81d11046001a9c4c7f85b0ab6c83c18b2fd489282f359ca3be53f6fd033aa53d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4ff451aa546f1afcea4976be97290653 |
| SHA1 | cfd9141bb5db4ef87d4766aea5f7c533e6efaa4e |
| SHA256 | 7e3bda4b09131a6c98e344c2972d929ea7f2bc9e6e95fd06d9b5a543e98f076e |
| SHA512 | d217ac0c784ee45bac1de0eab5702ec0fe9fa6e110195c17a62598bfc4c89c9f9ab823bec24a23ff0e7cb121ddc89f82e2237e5ed3e6521062c448a6067040a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ae4094ac4e9d11adec40f50b98c6862f |
| SHA1 | edcac1ed5845e37d007f71719eeccc8025c9bfb9 |
| SHA256 | 1cb12b5bfc624540f5562f692b7104c2bbde20282ee96ad12cb7de13d810dbf7 |
| SHA512 | 4a4f7ba95bb4bac5f3b14dc4db7c53ab9d1de73e9e5f886b5167b2e3767e7e03fa0e2d70d247c435085218f3c79d3e02c2512fd6cff1834dc773f933bacf175d |
memory/5024-2181-0x0000000000EE0000-0x0000000000F15000-memory.dmp
memory/744-2186-0x00007FFC6F190000-0x00007FFC6F1A0000-memory.dmp
memory/744-2191-0x00007FFC6F2F0000-0x00007FFC6F320000-memory.dmp
memory/744-2194-0x00007FFC6F2F0000-0x00007FFC6F320000-memory.dmp
memory/744-2193-0x00007FFC6F2F0000-0x00007FFC6F320000-memory.dmp
memory/744-2195-0x00007FFC6F380000-0x00007FFC6F385000-memory.dmp
memory/744-2192-0x00007FFC6F2F0000-0x00007FFC6F320000-memory.dmp
memory/744-2190-0x00007FFC6F2F0000-0x00007FFC6F320000-memory.dmp
memory/744-2204-0x00007FFC6D290000-0x00007FFC6D2A0000-memory.dmp
memory/744-2203-0x00007FFC6D290000-0x00007FFC6D2A0000-memory.dmp
memory/744-2202-0x00007FFC6D290000-0x00007FFC6D2A0000-memory.dmp
memory/744-2217-0x00007FFC6F140000-0x00007FFC6F14E000-memory.dmp
memory/744-2220-0x00007FFC6F140000-0x00007FFC6F14E000-memory.dmp
memory/744-2227-0x00007FFC6D490000-0x00007FFC6D49B000-memory.dmp
memory/744-2226-0x00007FFC6D490000-0x00007FFC6D49B000-memory.dmp
memory/744-2225-0x00007FFC6D490000-0x00007FFC6D49B000-memory.dmp
memory/744-2234-0x00007FFC6CF70000-0x00007FFC6CF96000-memory.dmp
memory/744-2233-0x00007FFC6CF70000-0x00007FFC6CF96000-memory.dmp
memory/744-2232-0x00007FFC6CF70000-0x00007FFC6CF96000-memory.dmp
memory/744-2231-0x00007FFC6CF40000-0x00007FFC6CF50000-memory.dmp
memory/744-2230-0x00007FFC6CF40000-0x00007FFC6CF50000-memory.dmp
memory/744-2229-0x00007FFC6CE40000-0x00007FFC6CE50000-memory.dmp
memory/744-2228-0x00007FFC6CE40000-0x00007FFC6CE50000-memory.dmp
memory/744-2224-0x00007FFC6D490000-0x00007FFC6D49B000-memory.dmp
memory/744-2223-0x00007FFC6D490000-0x00007FFC6D49B000-memory.dmp
memory/744-2222-0x00007FFC6D470000-0x00007FFC6D480000-memory.dmp
memory/744-2221-0x00007FFC6D470000-0x00007FFC6D480000-memory.dmp
memory/744-2219-0x00007FFC6F140000-0x00007FFC6F14E000-memory.dmp
memory/744-2218-0x00007FFC6F140000-0x00007FFC6F14E000-memory.dmp
memory/744-2216-0x00007FFC6F140000-0x00007FFC6F14E000-memory.dmp
memory/744-2215-0x00007FFC6F090000-0x00007FFC6F0A0000-memory.dmp
memory/744-2213-0x00007FFC6CDC0000-0x00007FFC6CDF0000-memory.dmp
memory/744-2214-0x00007FFC6F090000-0x00007FFC6F0A0000-memory.dmp
memory/744-2212-0x00007FFC6CDC0000-0x00007FFC6CDF0000-memory.dmp
memory/744-2211-0x00007FFC6CDC0000-0x00007FFC6CDF0000-memory.dmp
memory/744-2210-0x00007FFC6CDC0000-0x00007FFC6CDF0000-memory.dmp
memory/744-2209-0x00007FFC6CDC0000-0x00007FFC6CDF0000-memory.dmp
memory/744-2208-0x00007FFC6CC50000-0x00007FFC6CC60000-memory.dmp
memory/744-2207-0x00007FFC6CC50000-0x00007FFC6CC60000-memory.dmp
memory/744-2206-0x00007FFC6CB40000-0x00007FFC6CB50000-memory.dmp
memory/744-2205-0x00007FFC6CB40000-0x00007FFC6CB50000-memory.dmp
memory/744-2201-0x00007FFC6D290000-0x00007FFC6D2A0000-memory.dmp
memory/744-2200-0x00007FFC6D290000-0x00007FFC6D2A0000-memory.dmp
memory/744-2199-0x00007FFC6D270000-0x00007FFC6D280000-memory.dmp
memory/744-2198-0x00007FFC6D270000-0x00007FFC6D280000-memory.dmp
memory/744-2197-0x00007FFC6D1E0000-0x00007FFC6D1F0000-memory.dmp
memory/744-2196-0x00007FFC6D1E0000-0x00007FFC6D1F0000-memory.dmp
memory/744-2189-0x00007FFC6F2A0000-0x00007FFC6F2B0000-memory.dmp
memory/744-2188-0x00007FFC6F2A0000-0x00007FFC6F2B0000-memory.dmp
memory/744-2187-0x00007FFC6F190000-0x00007FFC6F1A0000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6f4bb4425065fc1e3f4a1c1f0070eb0b |
| SHA1 | d50aff75de71cef0c149c9b9420c2ab40abf2a4c |
| SHA256 | ef7459e1e008c935d8b074f6bc2ee61fb1f015857a00dcfc9962af83ce7a258b |
| SHA512 | 591feb2276dcf6ed9ae856c3e33e6a3e4404207ba026ded2bf11d0978c43943b38899533c1285bc86dc22780e36622f35362dd197bc0ca63a6fc04bac5fb0cf4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 06367a4758863aba828d8ebfe18cf984 |
| SHA1 | c50828d13121870c7fb11218b039c62cf3d19998 |
| SHA256 | 8f9f981a1d04cb84363a5141fb24519863ffea3de69d21fc2d69d31160d8055c |
| SHA512 | 9c651b3f4dbea29fed99a2fc4304558cb9e304001142ab840400171c90a302ac7ff6787641be861dfbd631b46dae74acbec0dddbe545c1b8895e4ebb6feec889 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 94ae8a9a217c63363a01cb3492904703 |
| SHA1 | 32960176c1ecb7213e26bbac61cc48e640195e5a |
| SHA256 | 41641befb01fbe4f927b97f9d8c0f3c0d557f79d38dace74b98c015586812d7e |
| SHA512 | 0c32216e0a8e0bd6383f447bd74c37676c7b8d4080c4cb5e71a0df0ccc6e5dea7a4933448955c2af84964462e9339815c16861c4047b775199760a8f3f0c2f41 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7954d8bf9601fb2d3ab0b62f562bf5eb |
| SHA1 | 95ba49620818c8a4a24397d59c24b735227b685a |
| SHA256 | 7fdeca0aeb6aa915af5727efc4a5738ca06ceeb3c3f41c7ea1677854b308cde9 |
| SHA512 | b51ae561a82c240543d280d7f8d4cdfe148d081b96d9373e560aa688c389990a50d3b27d469dd042ffca56eb18b083791ba14b7ae0fb5bd1765d2e91c96e3cec |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3112c9c25028a733d4a51614c10d84d7 |
| SHA1 | 46c57adf445fe2be529770217340782f9aa67cbd |
| SHA256 | 98f682d7cbd38020738c6ef46dc650df8bcf94668d4b9fd984aea0116d8dc9e2 |
| SHA512 | 0b67a46dd5473dd0a87263c02728ea079fcbbaa8606a89706f645dc337766a4beb8fdfa3589429518c3875e1cce1d0c224bdafb71e8890a85e512e0c228614a1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 63b42141baadacd98a9627c54c964af9 |
| SHA1 | a0a4a0f837f90d6c654f67d0c2af8aa15ac4511c |
| SHA256 | a56de06b961367a17080e011f494f526035a83623cf2619f7a95db72abe70103 |
| SHA512 | 0209ba72d4dbd4eebe191d8f0ee301f2b640c807a070262e97421eb8ff2b7c9bd94d3f0d38cdf6d3a61a949ab43a759913c1402f270c20dc5c49cc703a468832 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 700cd9b4e9f51afff79e540cf11a71e7 |
| SHA1 | 27217e1ff49aebf728400c95ef9298166874fc18 |
| SHA256 | c8b4e37496b7e961c6029da916af5950c0f5e46074d2812dc879025fd144c187 |
| SHA512 | f57dbd36d9ec9493fc468acccb9127e801562398aecbe42dee9d56252d771384607f781d9ccba246de4d822b165b80c421f7e3861ae26a454d229945c5aa55fe |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 20c6bf463097d29d3cffda64b4e9750c |
| SHA1 | 733297b62ee33ef8295f3fc2b1a0f2e8e871fbc3 |
| SHA256 | 05332b9b004c2e429ae93c391c6f5520701de003dec886c28292bbb82a1d1964 |
| SHA512 | b0269da8f65171e3d92690688f85e0f5ce36e276bd18e56c60880cc36351ad6603dc3977481821192e77c8bde79f2fdefc208b018e44641b1519b8de81e0774e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 1a9c49930035a18cde7ac34aac2134d3 |
| SHA1 | 42b656e2d63a1bd4cfa944cdd55e8ec6ebce4d76 |
| SHA256 | 3c0d06431b5f3e33aabf61ff4e0aa691357f97261c05d10408804b92407b93d0 |
| SHA512 | e9454a5c780781be2f27465c1c78bf0a15e71e17057bc42085215b3d8037c44c7b55d237288da2f77e24f705143d50417c7e8d02f889d9ae43e3617ea57200ae |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c3f4e8f0a709dce93195b73bbad1b3a1 |
| SHA1 | 66aeb3323cca051fd943ec13f8fb105933e8fe6a |
| SHA256 | ae1f23a94dd959589e559115f19f9bedd5b93986a2c82f37c03cf3a7e79f7fd1 |
| SHA512 | 6516355367c7a2f6c73321d747b3a1cf4d572af225ad2dc93d9892ed4147cc470b5bdc8e3e633dc3c9359a67d4f98feeba21405bc2c2400a4f708cc8ce532d13 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 97dd0ea2bc565f837a06c131f0ee42dc |
| SHA1 | 95be5f461f45d134dd6d58eeb2d2831e8cb96b31 |
| SHA256 | bbe945565c0e923c23feb4c9ebcc006f2b497a5c4ff1f841c64db12034189113 |
| SHA512 | 64eb0615a96a41ad6fc9f5b3a38949d95d5bee805c6346d03e9a40293d3917c1b9e7a1a353da8b7f245d081f0c374922a0e0928c8d85f169eb33111b784e9e39 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8e0221b01a9da1e7020d20d6900f0c8e |
| SHA1 | 24b8894753bdc39dd229373308bf371d22029648 |
| SHA256 | f1882858b4eb50ffc9e971ba88dd7a11724d874bed0520b6740e18482c3364c8 |
| SHA512 | 7bf426fa07f9acf3f86e789ff35c29de2ab471907cb231460f0cfe8b3de8bbc159e096682f1f851c0525af5e4c787055af08caf27fed86082e6160f7327d205d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e687fa171b49f52bc4e19485bb2327b9 |
| SHA1 | da7c5a5425e44e5e496521cbcc09b69000c253f4 |
| SHA256 | f3d8bfa0a3e607dccae245b23d9d9905fec3ce0ad18ed73554fcfcedb898376f |
| SHA512 | a25e4205dc56c1df0bf646df5dd34eab990ac5bed7628f0e9399d6e4693e5796330a5815bb0402a3aa1be567f8d141f1d2a0a7e61747d45ac24a77f8a86643a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | aa93f2cf82c99662632a25ec6d7fa288 |
| SHA1 | 6823d58184fd7b310aaf3582baccc901d5c4d4c6 |
| SHA256 | 7562f92d5f1bb065b0d2a1d254beecbbadfdae0093197ec461d7c401e11ec589 |
| SHA512 | e967c8b37e26f8fb46ca62cad5832b9d357238eb74494aaaa4c2fc48529f36673f3cf22b6169301bc8f26f17e8be7522eca53e34f10b888bd33072c772467a5f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3dc377a8f9dc294a651000ef1ea15d4f |
| SHA1 | 40a5eb63a303ec7ba5f0057d107fb7924b67d081 |
| SHA256 | cb5baa7fff49fd92abaa49ab9f1f63476318ba6b128b1f52642ca953b3bff40a |
| SHA512 | 270ee7a3e1c3a1aa1740036703dbd742485a96c23fea8e9782aa2daf1a64a81769e5a9fc0e65adddd820427d34d2859b224e1a203d49ec1039ad572c7ce26dee |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\AC\Microsoft\Internet Explorer\DOMStore\QKJHZK6M\microsoft.windows[1].xml
| MD5 | c80e07f2e2bce84e8f3380b42ba6bd94 |
| SHA1 | 33e20b05fc67a22ac3f3c214a32057254f97f2e7 |
| SHA256 | 14808d37f1d44780098ddc2af07f7862b3c0c5ab1bfed6b267621e0a332a8bbd |
| SHA512 | f5adf8b7bbc1b450249034376f7df69eaf2a7be8e516d511bb82828c19efddbee9247d20e4b4c629b7fe58c9391c31fbf48bdb1b857ca13e5f52b80cb7883f24 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\61a3874d-f769-42a3-87d0-22931674458c.tmp
| MD5 | 4a9118c6fa95d26b682d6c4f8a35267d |
| SHA1 | 130a77fb2fd8186b6a4de77392be47de67050ddb |
| SHA256 | ff6b2be3b5ae203990101005012af34d5ff2923fe540b1b9016bf6e4f75712bc |
| SHA512 | a6ccf86b5124b471b43d533da70a73da0d43985467cec143607dd86ceadb140d89d6f10a3272956d711dc6a78682399bce510e8e753894268d674ac5b7e953c9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4ec963f6fba042720710054131a18a66 |
| SHA1 | e9504aff6b234eec80893e1cb2f2ee02c8fc5ace |
| SHA256 | a9e392b608f0d223b8b71735b29916dda3b628b4552775a0c1906d64db13337a |
| SHA512 | 1146939a7bb866ffa9eeb9356a534ffced4209c5888b4d719d74aef3c8cf6336a80b70d2a5a949cda333855a618c3811f88afa22c712fc192dd6bec37b44d3ed |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 4cac357bf24f523841d64a4775f0aa54 |
| SHA1 | 78b550849a3899d802ec8798fac15a7401580ba9 |
| SHA256 | 04e85566882a2bc4e8d6d31ceefcd36b4c0a5b3cc3885321ea274abf780ce5c2 |
| SHA512 | f9b9107b26c3ac0ae71c1a24c5e240f984663322eea15ecf6ad4d2e30cb444b78bb3da3d3c9229c37ebba39061fa283f94f02376524abd7d09f02cdb632159d9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | e107a35efbcb39ec95f86a9206badbae |
| SHA1 | a49a00ef554cc164fc012a04642cf7d9a3c107d8 |
| SHA256 | e34544d9555483e4ca11264ed68ff49626ff222d26e418d5a29836044e0ba158 |
| SHA512 | cce58a7de7858ef75c2af813a4cf5442994bd0c9d9033ba30d34d7540a3b901860c86b29f2d16a0eab35f2b324833789bf3d17bb9809312f62b38dacf1c4254c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 78ce2e09cccc5eb5e6dc8e53ee497909 |
| SHA1 | c5848013143433e679710fd19ce1997f87165895 |
| SHA256 | c91ace0bfc6521ab9cc2147bee76b945dee6c71e38431781cff431b294ace667 |
| SHA512 | 1f2ec5596b4fd21c1540541989809ba14d6cc3b050ea90f0805db64eb8d0749624635d7ab5dc1da6299f82cdb46be9a20ff668e89290b162b68e00d251b6808e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4f079c6b40440cafd191f8ba94eb3804 |
| SHA1 | e993d88cb7071569c0bf2b0bce07bd45d05b7189 |
| SHA256 | ee6908e41ac1c6853f5c3703a57ec9a32046bb076e5f5ba5f26678468b1e2c2a |
| SHA512 | 55e6da722f1dde71f6e8efb071561943fe84add9b2bbd1a4daf3bbbde3c98ea36ce83524f81ba80549f3bf460312ad0494c1559f912d4646c87c14cbc93d2c38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 51422a23df82a3615f25cba50d79ece5 |
| SHA1 | be25a38a14db98ebc88b5713ef69e012eabaa212 |
| SHA256 | 358c121c166ee7505e1775978c13c3091abe4b2d4bab37b4ebfea7f613cc374c |
| SHA512 | 9ed2da40b74423510373090b392674f49af781dd08a5bd727643b3b81aec2335b7796f1a0598eb666d7e76d0b220a4159174bbc1d3e96b3c3f6c706952a79fe1 |
C:\Users\Admin\Videos\Captures\desktop.ini
| MD5 | b0d27eaec71f1cd73b015f5ceeb15f9d |
| SHA1 | 62264f8b5c2f5034a1e4143df6e8c787165fbc2f |
| SHA256 | 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2 |
| SHA512 | 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | aa8b2fef3928138266b3cb38a156b764 |
| SHA1 | 3101fa28fa2219188fab8c5e1e18b5b0e70043e3 |
| SHA256 | c0cb309b112cac1b4610baefb6ed242bff5ed496bc367ad4892d56022712e8e3 |
| SHA512 | f2fe1e6003cfec47afd52e5272a4b92fda738ece73801557320f486b29de5f6ab039abaa24b02331ffabb02f53974d7e6ab7f5aa026948746cf8099ec4e79704 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d9e00e4ed05086b663469ed1fede5eff |
| SHA1 | 970c7b2167980a4b4e7e03cd97043bef2355ca5e |
| SHA256 | b3c90abd68f5451f02dd1347753ec73b9a325d3e803c7af4b131b6a8a605f051 |
| SHA512 | 1cea6c761fd86187eedef93be3db171b86a116aca6b0e8845dca9bff09f9626fe9755d0374befd88effc17e1c08d4c17013f3ae60c991bf04c44e30c6daf1f0c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 9a0ff407a84ae36face4e9fdab90d5d5 |
| SHA1 | 941bb1375a71952d52cfccd3f1af0357382c5fbe |
| SHA256 | b65d5cbe073924df37adf1fa0f11c31ce7f9346f19ecbcbaf4d470eca66cce1a |
| SHA512 | 91ecd4e6410e81d6664c01bde5f9cd357626a4b76176fc750164b4f7da655b556f019a26ad9dbbe29d6a04f2d5bbe087c2ca15e4d45dfa1c5756402490520591 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 8793e8594b131b79a430bf541550202f |
| SHA1 | d133b47eca16902cfc212a34279f0a607e4f53f1 |
| SHA256 | f1fbd4f9e78ea8c82e7e237e24426441320111f91a0273491dab5f4e4bb4a378 |
| SHA512 | f3125f61bef23ea9f22411ac6a6c267cc79d4bc84a6c808e2999366dfc9b55e1d9a4d175e12d4ac0ef8327fd94040f2f6a9114f75bc99b3857d3d0013f68f8a2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 84080af508d81a5472b5ab10c68d614d |
| SHA1 | 056c0520849f3ea7f2e6ddb2bccddf340e9a9a34 |
| SHA256 | 1229e6a4a808bee47d28caf662642c632ab74b128b0aef27305f81dd4417ff73 |
| SHA512 | 139031a6c240dca7b831fde50600b19d8a1b1ebdd90d20f6de276913c7c30169b7dafc9917f4d75e010e0e4e6a19cb4ae41ab7e438495b8758ccd25dd4975347 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | e1fbf697d147483128defe7e790b77b2 |
| SHA1 | 11c165bd5fc7353f3d1e0f661bef3b160d931c02 |
| SHA256 | a4e961a8d4c20998976954e335fa72b81661f0221a93bb2982f8fc37aae74196 |
| SHA512 | 9462088cbb2796bf5a7b68ebf534245946201c8b15ce2e2daad95a5079bb24ea1d3df97ebd66ce74dd5a6a6b35717626fcaf0336db4c0c928d42b7e94b1ab584 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | e087389f90503c77f3d51ae65d79c0bf |
| SHA1 | 326e8241574094b3f2aaf23308897964c4316d8b |
| SHA256 | d5e6f7f359a7d735d5b50712aae28769fa0807703069760a0a4e6f8d8eb4cab6 |
| SHA512 | 20b7e4360ac0e79bd53ce4bcc67a4d6b95283ff7bf2625e154eebe31f6468ef67e1342e43506a050a62e9b15a0d10624ea9eff235bdda1d4ca96c082700361c1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | a7ee007fb008c17e73216d0d69e254e8 |
| SHA1 | 160d970e6a8271b0907c50268146a28b5918c05e |
| SHA256 | 414024b478738b35312a098bc7f911300b14396d34718f78886b5942d9afe346 |
| SHA512 | 669bec67d3fc1932a921dd683e6acfdf462b9063e1726770bae8740d83503a799c2e30030f2aca7ec96df0bfd6d8b7f999f8296ee156533302161eb7c9747602 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009
| MD5 | c3c0eb5e044497577bec91b5970f6d30 |
| SHA1 | d833f81cf21f68d43ba64a6c28892945adc317a6 |
| SHA256 | eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb |
| SHA512 | 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007
| MD5 | 710d7637cc7e21b62fd3efe6aba1fd27 |
| SHA1 | 8645d6b137064c7b38e10c736724e17787db6cf3 |
| SHA256 | c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b |
| SHA512 | 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a
| MD5 | b38fbbd0b5c8e8b4452b33d6f85df7dc |
| SHA1 | 386ba241790252df01a6a028b3238de2f995a559 |
| SHA256 | b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd |
| SHA512 | 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | 2e86a72f4e82614cd4842950d2e0a716 |
| SHA1 | d7b4ee0c9af735d098bff474632fc2c0113e0b9c |
| SHA256 | c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f |
| SHA512 | 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | a074f116c725add93a8a828fbdbbd56c |
| SHA1 | 88ca00a085140baeae0fd3072635afe3f841d88f |
| SHA256 | 4cdcda7d8363be5bc824064259780779e7c046d56399c8a191106f55ce2ed8a6 |
| SHA512 | 43ed55cda35bde93fc93c408908ab126e512c45611a994d7f4e5c85d4f2d90d573066082cb7b8dffce6a24a1f96cd534586646719b214ac7874132163faa5f28 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b
| MD5 | 9f8f80ca4d9435d66dd761fbb0753642 |
| SHA1 | 5f187d02303fd9044b9e7c74e0c02fe8e6a646b7 |
| SHA256 | ab481b8b19b3336deda1b9ad4680cce4958152c9f9daa60c7bd8eb6786887359 |
| SHA512 | 9c0de8e5bf16f096bf781189d813eeb52c3c8ec73fc791de10a8781e9942de06ed30ff5021ab7385c98686330049e3e610adc3e484e12ef807eec58607cfae63 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 363a7221a81a23e8371c177a83e65b10 |
| SHA1 | 6eb53532d9e9888f321a606b7047a5d05d7aaaef |
| SHA256 | 73817bda45f6abcd14626b42b0aea65beef59e4bb86d97d745dc9984847e729d |
| SHA512 | 3bab4b7672b224f2c6b7c94196c4f1d6f7f82613d804b94ed1d60de9511696e21a6dd6684630de5d1d3c06fe30e6f76cdcf42e167921db6e588d5b177ebcbdb1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 15a49ef6fb6c42222b9bb2d12a9bf319 |
| SHA1 | a9dc93b34234eb56194227f66189d01a837b8ec0 |
| SHA256 | 3d7c84239b65c9f74835bb73eb983b2a7d23736686dc765dcc66bad7f907dae4 |
| SHA512 | 68488ba90f12cc8769e8df07de736443ee859936f6c58e638bc423291040ffee4a57e5c0e453b680134d37ede7463b6202168ca63caa97975ec319af8fd3e2a0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | f20101edcf57db7bc638839c29bf063b |
| SHA1 | 7f6f390b3d71bbc6a485eaf1d12e2f1af2f233f4 |
| SHA256 | e6e0b5e2905e901482d54a060f46bf8896dfb1930aca64b470b065e02bbcde2c |
| SHA512 | 1c38a9d725eb24a59ee05d7c9b42fab63877fdc0bce27c4a366acef4421ad7f63875cc4f269cba47758b4486413fce3ecda711c37ddc9134efeaba83c35ac8c4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 589c49f8a8e18ec6998a7a30b4958ebc |
| SHA1 | cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e |
| SHA256 | 26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8 |
| SHA512 | e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | fe844077654c608d078548c875cdd044 |
| SHA1 | 9c2438a8f4b57905f2ba10b955760cfcce45e87b |
| SHA256 | a8d41a2509ec0fcdc609e23e1b8e60741b9448e2f41d9bdd41b51a5339385557 |
| SHA512 | ff51a7d3a21a0c293efbc8c55435c82818535dafa57552204ac93419a1a19ef3e18a93294eb446138e12436bf8d0bf1de8e49798b48953e645c203a4059a6e8d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | dc178530c14e2aa7465734d8b76c3916 |
| SHA1 | 82010928cfd7cfbc0af687eb87d0d96538187a57 |
| SHA256 | f56d6cc793c1cbb5b3068a954003e878e3fdcbfab6031d0ff968a9ec714064bb |
| SHA512 | 30129cac32790b3a622f089260976d888944209f49a760d6f8a46015fe0cf6e4579ebd4b66b54a5a6c1494e42b0a60c3f7a4757e71f93842d937c5d21b557651 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 8eeead00f80d621de50da2ccd33e296a |
| SHA1 | 3ce484536cb7283010afc70b0595320dc093998a |
| SHA256 | 442f5ac6899a34194e66d6d93408db004779762aa08be1c3b7c23b350e9a4a84 |
| SHA512 | c41ba1396cec2d7fdcdb27eac903798cdbf205044cbb98873cdd8200672da5447131738f2f5a2c0eec527276b0a94de46d96c20b63bb537193e114900546976b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f0d094b9595f50ef1a74f7cb64d887cd |
| SHA1 | dc657415b44e496fe47e10cf6937d6e3b2456e71 |
| SHA256 | 01be092a82da73a92443979d766397a88446f9f1a754bf18d47a1f40e3658347 |
| SHA512 | a042c79422c0ff657c36fb85ad173f1f500c25e7d28ff316e6bc21045c47e5050712beda9e4c1c248d7a8293559d09c0634bf2df35f06ca70b1414bf02158936 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00011e
| MD5 | 7e0c6ccf691c876d3554462289b0faec |
| SHA1 | 58d1db5f3046d2d6722d6d2da5e7966b6c1f5944 |
| SHA256 | 59fdb235275e456c503c3b0ccf84cab42467dbeec32873e13c723a7983f8faa4 |
| SHA512 | 6d37d2338f2e97d8d298bcd99dfd6cea8d238094f26e76d1659674ee2d41e373dd7aec8e65df94158c60d7076870a5069195e323d138fcfa5a40a6383248526b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.xbox.com_0.indexeddb.leveldb\000001.dbtmp
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 2d87d6e34ca6045fc7b5931f81732285 |
| SHA1 | 8a9a6ff632b49d485ab718e568d395679a2d862f |
| SHA256 | 95149eb2a6dc66021161db1144258b98349c06d82af39dfa9484c0f789041bea |
| SHA512 | 21c592031650a9500cf57a300013b9b01890d5692c09a9a68be02f5938675c926d769cff602c29067cd7d47e196bca895c49a20d92e2031b7660334e7e8744d0 |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.195.15\MicrosoftEdgeUpdateSetup_X86_1.3.195.15.exe
| MD5 | 90decc230b529e4fd7e5fa709e575e76 |
| SHA1 | aa48b58cf2293dad5854431448385e583b53652c |
| SHA256 | 91f0deec7d7319e57477b74a7a5f4d17c15eb2924b53e05a5998d67ecc8201f2 |
| SHA512 | 15c0c5ef077d5aca08c067afbc8865ad267abd7b82049655276724bce7f09c16f52d13d69d1449888d8075e13125ff8f880a0d92adc9b65a5171740a7c72df03 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000110
| MD5 | 9196e81f8ed7f223d765423c1f9bc8a7 |
| SHA1 | 88f9d5c2a6908cf36b8daae803578ca9e1fd2929 |
| SHA256 | a4e2bcf7ef3c6c614c2142d3c1fd44caac4eafa86a1779ac31cba164e2d89cbe |
| SHA512 | e7d23866fcac017762d2e2f18597124e9147f458d30038f78ba9f3a2bcbe479fe4792573894370ce2d6f93a00401231d9f01955fde351ff982a82ba87a8241f8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000125
| MD5 | b786554392ab690a37b2fc6c5af02b05 |
| SHA1 | e7347fa27240868174f080d1c5ab177feca6bd84 |
| SHA256 | ebe47cc89c62447316148809bda9095bd07bd5392a99ab4b8ac8b9f6764cda51 |
| SHA512 | b71cdb76464a775fca909cabd0a7435c34de3ee4e19c40f5bebba6415295f0be2f82532a2ecda043c787ea4e8c23fd4e582a4d4322923fdf603a56e3fcb8b567 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 02dd7385422bd0ac4922ac0c8afb3d6a |
| SHA1 | dca790fff86060b844f3e89499909cfa932d9dc3 |
| SHA256 | 2d7e78d1e9e2e3304043532a8204b4dd5e27e3ee49a5e2106782bb7a8faa6bc3 |
| SHA512 | df756440828f5705da77dc56eb0de555329eed00b7246c0bb0aa926227a1de9213d955b5b216d146b809a6dda3ad1e8326a3ab19439b41cf9f4eded6f1ede858 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.xbox.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | a8c2be97ba4bb7b380ec1e2c250e6b50 |
| SHA1 | 460d6cb6ee561f571a72d5639b7a12aebb0dff51 |
| SHA256 | ff7a7ea744de291f4b1e7371e64d396c12e10e6b1bf0b51f99d52706459b2e92 |
| SHA512 | e1a7a01b64b3a069a4240dbacf779bd15d4308981c3ca7fcc737013fa3da44452c769f7f0a055dbca575fba52a81819e68e5f4350b0597e175d3a5fedf37f4fb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 256b2b636f0877e31794a8a6bb309229 |
| SHA1 | fb3dc6064e4719fbb1c33f53a391a87ca616c643 |
| SHA256 | 9ec84587b4ffcd3796edecc1fef782089dab97ae003d7a092fcbe0581ae7b7c4 |
| SHA512 | 7cbcb697c78985630cdde946244201a603d374a141bad12de0c5323d7049807d4a77602f982b9df55d4ee6387b429c08523760ab42f61758e6fb3411571870c8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 90a0affaa82d98e7bf6834f1838eb408 |
| SHA1 | 51dac923ba34fa9e6b2ec7474fff7de5558a9cec |
| SHA256 | 4a698c2359ec2771f39aa3218d41edbe8cd35e97d294174109d0dec8b1661256 |
| SHA512 | 0e64e9b7814b7e573608445e8abdc79a6328321b1d4dd2d7ce123fc2be4621e03be3d0d255d93b307f2ab8f523568c09fb2e67e780ab426eaf632161784e88dd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a18c0746f9bf596873c71a996b69eb80 |
| SHA1 | 636994de7b26ead3a792cb9f657c9cd3e32d034e |
| SHA256 | 0250541a44f313fda44b05617b9f13b7969d6ec11a104a08a547a8d0391c245c |
| SHA512 | 9c615b39b455ac8d5f5a9490d480baacef8203c6ee0934713019214eaf3caa9b8cbdb015fa0db53a58a0d1bacff3e8c9c98d8dc2f89ef923f984bd1b1a8146b4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a4fb1315358235dd772c2f6dbadd4203 |
| SHA1 | e82f322b342c443281a6899fe2f67ec2bf4283d6 |
| SHA256 | 52fab980835b77b471cce39c54bdb2ff5f32032966fff63577aa055f744a234a |
| SHA512 | f2cac8be2fe0d860016ca020ef6be431adf31c7b8065fc71bb615ed82ace0ed0c19c886e70e49f1fb77bffc1bad1233f2c97f20e307100f9bd222d19551a8f12 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe60793b.TMP
| MD5 | 652e0b0b49ee148d3c4fe3aa78ef6158 |
| SHA1 | 0bb7ea01f6c672e0ffd547da0e667c6c8bb48312 |
| SHA256 | 0a1a965a50e95cf9f813c624b5e6faa71b41462e2e91adbd2ce1198b31188716 |
| SHA512 | 95ce38faf28d91ef315847185769ab5ea1bf3187a7a994dfc930a07ae3f49f16e4760bb4d8bd4e17fcca97f5a169180eaeaa0e8d894726e49e7c314a48ae57ac |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0
| MD5 | 52cd8e9914073810f433c80cee1f43fd |
| SHA1 | 138491171dd6b35138f816975b86bfba96550b74 |
| SHA256 | 5b063c84a408c7cdf00232f46fb1fdbfd2f340b07ae162b37089cc6578a880fc |
| SHA512 | d22262966eb72793120ad39df8241d5a7d2429b24356eb1be1d9b17cbc07e81b828592ecdd39e768dae85438aa0890cab95fbe8466707232736088b5a03ca024 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1
| MD5 | f621719df124c32dfc444aeb64ac2f3c |
| SHA1 | 2dac62005114378288e2a4cd62f3bf806a81eddb |
| SHA256 | 0228458b398e5131542d60504c09963eb5a70d6ccde12b79cc746591730bc442 |
| SHA512 | ffd4a665851e37e7aaed2ca8f208dcd77cf201b3a3f4caf8e21ba0d30da2d1b8fcf86ec47a8b01efdf733bf6a21b3695984b7419923e264b296894c3784eaa09 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0
| MD5 | 6bf861bb74008fe3b5cfed44288371ad |
| SHA1 | bc59cbf2ee0d669690c6dd2a6d7967c2220db2d7 |
| SHA256 | 4eca5ba88de7eaa7302f3a28dca05221b8e59d04d67707310a12df567f9af7c6 |
| SHA512 | 14793a69fa22ea84b67e19365644b7d9a9a4964a816783e7b5492e082f08a776aca082567cbfb4e5b8dce4dd54b42885d9db0c60d9a0827b45557f2ef7b77a83 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | b357e5979a89d2f496731ac08aeae94b |
| SHA1 | cbd367e4dc542b3e7bfbfb566e55f1eb32446c2f |
| SHA256 | aafc446444c608223fa544245fd91a2f24a968dd2d7e954edbc36b6a3a666486 |
| SHA512 | 35edfda2eec5284bb10ff7e22ecfe618141f4ec70491a1c8872458be637a512f1ae5866db5535f58667fbd51460ed0f4ed707f1d1bd1595fedb0906c21ac52f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | dfed1d02e2acf868e47377af9ae2877d |
| SHA1 | a0fb48aae790aa3d2878d020ef2d7cbac5c83dc8 |
| SHA256 | e66e74be0aa063574aac78db24cbcea6f8797c4b52bed7cd3e59e4402051c794 |
| SHA512 | d1f956b0a43bd7b62b85e195ba82042615c9dff9806c09b678d57da53641b8ab71ec123bf5f9a9de1686ba8d927b5f1d984b7fde28f9abccf42fbd6ec6e0be28 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 5c469029925b058d33ee154fa8319b31 |
| SHA1 | 9cb76fbac0adbe3216934790e98255aff82c8d27 |
| SHA256 | e0ee43de1d7ace87b18b7f0fc18c0f9fe3537377166b124beb4cbfb6b30353f7 |
| SHA512 | 376d04000214b2113fed6baa46f21045d0ffbbbe443a43a9fcbfb494b5263374e079537d2eec907f9433203e55afc05044e52005b43164b730bf4e92df52b088 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | cd36a23d7c00bea366b2a9639a17134d |
| SHA1 | 3a8870fd61a913f3271c36c6fe82be03cb1a290a |
| SHA256 | e5dd4e1abfa809b3131eafe563d449b90b4db66142b03231c8ec6b4f8ca3ec6b |
| SHA512 | da77d27a2a6913d7362e0a6bfc71bac3f5872b4d6a6c7f7ad82d2fa1d87ce51796847bf5c397dfc789dfcac5c8e89cf7f8a1b85006c662eeda857f9f387d2e9b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\reports\a3a8574d-73a5-45dd-a5ab-d7f9fd76ef1d.dmp
| MD5 | cf523bff33551ff182d632526554a22e |
| SHA1 | 1da21c9ce12d5d644885e76676ad888dbda83aa6 |
| SHA256 | 8d5b3103f76e048fde67697875e9d98b6fb1e66026e9b3e0ff751c17568469ca |
| SHA512 | 9e336d05759816ce04c061f30d0f1418bb2e7a427ead47732b1938c4d7c235ef93a875fe298ffe3239d0f9ad5e80676a6fa14a1e3d3e40ae33bd2060a7b12425 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | e243709af0e986bc65a6b4ba716ae78a |
| SHA1 | 7a859bc8b166b812062329a3b002052e43b61e51 |
| SHA256 | 0eeba98bca05c88cf0c8e6cac182822b3efb0d1c13154b9c605f865ebb000ac2 |
| SHA512 | 88fcf9b7f41e4bfd8671e0cdce7ac9584d5a66de5ed04e0c3db6e7afc23f526baa4eb35938a2ab38e36d16fd98301eef7fe9d8acda72c098e0c17986c3c86cca |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\https___java_com_help
| MD5 | 8aaad0f4eb7d3c65f81c6e6b496ba889 |
| SHA1 | 231237a501b9433c292991e4ec200b25c1589050 |
| SHA256 | 813c66ce7dec4cff9c55fb6f809eab909421e37f69ff30e4acaa502365a32bd1 |
| SHA512 | 1a83ce732dc47853bf6e8f4249054f41b0dea8505cda73433b37dfa16114f27bfed3b4b3ba580aa9d53c3dcc8d48bf571a45f7c0468e6a0f2a227a7e59e17d62 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}_osk_exe
| MD5 | f6a5ffe5754175d3603c3a77dcfeca6b |
| SHA1 | dacd500aeef9dd69b87feae7521899040e7df1d9 |
| SHA256 | fab3529f4a4df98271fa2f6a7860a28fdc30215144b7eefbaf6d424a2847d035 |
| SHA512 | 66ec46041f1fe20203cda7a4d68b61d2e5bcdd09a36ee8171efa53fe92a9e6e023c5a254a4c43c110a99749829d7b99613f8d13dfb4c42656097cb8d224a531e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{6D809377-6AF0-444B-8957-A3773F02200E}_VideoLAN_VLC_VideoLAN Website_url
| MD5 | 949dd0f5804127d1c34ba36f7de7fe92 |
| SHA1 | 4fb5c38be5357f352f21740cff6b2b764be92335 |
| SHA256 | f15820f5920d9be873648342758cc8c89846321319b90c089fa6cfd6c857f6bf |
| SHA512 | 7f55348bfcb2109c7222b160e511facc0a0bc7f58cb0da0056bffe985322ea7fbfa390c26bdc119a909740db573099a3fb947619839e3adcfb911e8d1547bac2 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\{6D809377-6AF0-444B-8957-A3773F02200E}_VideoLAN_VLC_vlc_exe
| MD5 | 8ab0ccfe101f2a223bf9fc11f910ec64 |
| SHA1 | 86a7cf51b399bb786896fb77f59ee8b4844f5afe |
| SHA256 | 8cc15be591c4f70f964d3554be30283f925747d09eb71692bf40b8125e2bb68a |
| SHA512 | b862068ea8bdb828186c2bc693b1e99d622a48a82eea13886090c44e17d132ad1a96bae4a96214d9a8abeb22f7c85f4ef25a000cc1bf977fd43e67bf1064a61e |
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133678693800335595.txt
| MD5 | a8fe1b7d04e1f18aee103697b053e0c6 |
| SHA1 | d1d5d7a732b84fb1f21ebc72489ca4f0da2617de |
| SHA256 | b302200083b2d8deb95e4915683cf3b8a076833ac5628ba09e0e7fc63da2e459 |
| SHA512 | c716ab44c62776f0d564c91685edd5b7df2c16f1eb06a42cfa5043f7e2d0299cfcd9e891806f08e6dca0badfbb4eeda3076a0fa0ea720f2ca5f5d0401d6c1810 |