Malware Analysis Report

2024-11-16 12:52

Sample ID 240814-wc1e5szenr
Target https://github.com
Tags
discovery evasion execution exploit motw persistence phishing privilege_escalation spyware stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file https://github.com was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion execution exploit motw persistence phishing privilege_escalation spyware stealer trojan

Possible privilege escalation attempt

Creates new service(s)

Event Triggered Execution: Image File Execution Options Injection

Downloads MZ/PE file

Manipulates Digital Signatures

Checks computer location settings

Event Triggered Execution: Component Object Model Hijacking

Executes dropped EXE

Reads user/profile data of web browsers

Modifies file permissions

Loads dropped DLL

Enumerates connected drives

Mark of the Web detected: This indicates that the page was originally saved or cloned.

Checks installed software on the system

Legitimate hosting services abused for malware hosting/C2

Checks whether UAC is enabled

Looks up external IP address via web service

Checks system information in the registry

Suspicious use of NtSetInformationThreadHideFromDebugger

Suspicious use of NtCreateThreadExHideFromDebugger

Drops file in Program Files directory

Launches sc.exe

Drops file in Windows directory

System Location Discovery: System Language Discovery

Enumerates physical storage devices

Program crash

Browser Information Discovery

System Network Configuration Discovery: Internet Connection Discovery

Suspicious use of FindShellTrayWindow

Modifies data under HKEY_USERS

Modifies registry class

Modifies Internet Explorer settings

Suspicious use of SetWindowsHookEx

Suspicious use of UnmapMainImage

Suspicious use of WriteProcessMemory

Kills process with taskkill

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: EnumeratesProcesses

Modifies system certificate store

Suspicious use of SendNotifyMessage

NTFS ADS

Enumerates system info in registry

Runs net.exe

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-14 17:47

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-14 17:47

Reported

2024-08-14 17:58

Platform

win10v2004-20240802-en

Max time kernel

590s

Max time network

663s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com

Signatures

Creates new service(s)

persistence execution

Downloads MZ/PE file

Event Triggered Execution: Image File Execution Options Injection

persistence
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe N/A

Manipulates Digital Signatures

Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$Function = "SoftpubLoadSignature" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.15\FuncName = "WVTAsn1SpcPeImageDataEncode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2011\FuncName = "WVTAsn1SealingSignatureAttributeEncode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.20\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.12.2.2\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "SoftpubCleanup" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllGetSignedDataMsg\{C689AABA-8E78-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPGetSignedDataMsg" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.16.4\FuncName = "EncodeRecipientID" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$Function = "HTTPSCertificateTrust" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.20\FuncName = "WVTAsn1SpcLinkEncode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{7801EBD0-CF4B-11D0-851F-0060979387EA}\$DLL = "Cryptdlg.dll" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{189A3842-3041-11D1-85E1-00C04FC295EE}\$Function = "SoftpubLoadMessage" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.4\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.4.1.311.10.3.3\CallbackAllocFunction = "SoftpubLoadDefUsageCallData" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllRemoveSignedDataMsg\{C689AABA-8E78-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPRemoveSignedDataMsg" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\2.16.840.1.113730.4.1\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "SoftpubAuthenticode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Message\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2009\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2003\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.5.5.7.3.3\DefaultId = "{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$Function = "DriverCleanupPolicy" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2221\FuncName = "WVTAsn1CatNameValueEncode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.25\FuncName = "WVTAsn1SpcLinkDecode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllRemoveSignedDataMsg\{DE351A43-8E59-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2009\FuncName = "WVTAsn1SpcLinkEncode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2000\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.12\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{7801EBD0-CF4B-11D0-851F-0060979387EA}\$DLL = "Cryptdlg.dll" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2001\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2004\FuncName = "WVTAsn1SpcPeImageDataDecode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$Function = "SoftpubInitialize" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.1.26\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2002\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{C6B2E8D0-E005-11CF-A134-00C04FD7BF43}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "SoftpubCleanup" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{189A3842-3041-11D1-85E1-00C04FC295EE}\$Function = "SoftpubCheckCert" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllPutSignedDataMsg\{DE351A42-8E59-11D0-8C47-00C04FC295EE}\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Signature\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Certificate\{00AAC56B-CD44-11D0-8CC2-00C04FC295EE}\$Function = "WintrustCertificateTrust" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\1.3.6.1.4.1.311.2.4.3\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 0\CryptSIPDllCreateIndirectData\{C689AABA-8E78-11D0-8C47-00C04FC295EE}\FuncName = "CryptSIPCreateIndirectData" C:\Windows\SysWOW64\regsvr32.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\CRYPTOGRAPHY\OID\ENCODINGTYPE 0\CRYPTSIPDLLCREATEINDIRECTDATA\{C689AAB9-8E78-11D0-8C47-00C04FC295EE} C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Usages\1.3.6.1.4.1.311.10.3.3\CallbackFreeFunction = "SoftpubFreeDefUsageCallData" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$Function = "SoftpubAuthenticode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Cleanup\{FC451C16-AC75-11D1-B4B8-00C04FB66EA0}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\1.3.6.1.4.1.311.2.1.11\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{64B9D180-8DA2-11CF-8736-00AA00A485EB}\$Function = "SoftpubAuthenticode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\CertCheck\{189A3842-3041-11D1-85E1-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{573E31F8-DDBA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{7801EBD0-CF4B-11D0-851F-0060979387EA}\$Function = "CertTrustFinalPolicy" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllEncodeObject\#2008\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\OID\EncodingType 1\CryptDllDecodeObject\#2005\Dll = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\FinalPolicy\{189A3842-3041-11D1-85E1-00C04FC295EE}\$Function = "SoftpubAuthenticode" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Cryptography\Providers\Trust\Initialization\{573E31F8-AABA-11D0-8CCB-00C04FC295EE}\$DLL = "WINTRUST.DLL" C:\Windows\SysWOW64\regsvr32.exe N/A

Possible privilege escalation attempt

exploit
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\takeown.exe N/A
N/A N/A C:\Windows\SysWOW64\icacls.exe N/A
N/A N/A C:\Windows\SysWOW64\icacls.exe N/A
N/A N/A C:\Windows\SysWOW64\takeown.exe N/A
N/A N/A C:\Windows\SysWOW64\takeown.exe N/A
N/A N/A C:\Windows\SysWOW64\icacls.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000\Control Panel\International\Geo\Nation C:\Program Files\McAfee\WebAdvisor\UIHost.exe N/A

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\MicrosoftEdge_X64_127.0.2651.98.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\EDGEMITMP_3CF23.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\EDGEMITMP_3CF23.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A
N/A N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\installer.exe N/A
N/A N/A C:\Program Files\McAfee\Temp2228557755\installer.exe N/A
N/A N/A C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
N/A N/A F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
N/A N/A C:\Program Files\McAfee\WebAdvisor\UIHost.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe N/A
N/A N/A C:\Program Files\McAfee\WebAdvisor\updater.exe N/A
N/A N/A C:\Program Files\ldplayer9box\Ld9BoxSVC.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
N/A N/A C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files\McAfee\Temp2228557755\installer.exe N/A
N/A N/A C:\Windows\SysWOW64\regsvr32.exe N/A
N/A N/A C:\Windows\SYSTEM32\regsvr32.exe N/A
N/A N/A C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
N/A N/A C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
N/A N/A C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
N/A N/A C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
N/A N/A C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
N/A N/A C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
N/A N/A C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
N/A N/A F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
N/A N/A F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
N/A N/A F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
N/A N/A C:\Program Files\McAfee\WebAdvisor\UIHost.exe N/A
N/A N/A C:\Program Files\McAfee\WebAdvisor\UIHost.exe N/A
N/A N/A C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe N/A

Modifies file permissions

discovery
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\takeown.exe N/A
N/A N/A C:\Windows\SysWOW64\icacls.exe N/A
N/A N/A C:\Windows\SysWOW64\takeown.exe N/A
N/A N/A C:\Windows\SysWOW64\icacls.exe N/A
N/A N/A C:\Windows\SysWOW64\icacls.exe N/A
N/A N/A C:\Windows\SysWOW64\takeown.exe N/A

Reads user/profile data of web browsers

spyware stealer

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\F: C:\Windows\SysWOW64\takeown.exe N/A
File opened (read-only) \??\F: C:\Windows\SysWOW64\takeown.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A discord.com N/A N/A
N/A discord.com N/A N/A

Looks up external IP address via web service

Description Indicator Process Target
N/A ident.me N/A N/A
N/A www.iplocation.net N/A N/A
N/A www.iplocation.net N/A N/A
N/A www.iplocation.net N/A N/A
N/A www.iplocation.net N/A N/A
N/A www.iplocation.net N/A N/A
N/A api.ipify.org N/A N/A
N/A api.ipify.org N/A N/A
N/A www.iplocation.net N/A N/A
N/A www.iplocation.net N/A N/A
N/A www.iplocation.net N/A N/A

Mark of the Web detected: This indicates that the page was originally saved or cloned.

phishing motw
Description Indicator Process Target
N/A https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html N/A N/A
N/A https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html N/A N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\models\AssetImporter\bonePreviewMesh.mesh C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\AvatarImporter\img_window_BG.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\telemetry\events\formatters\eventformatter_ga.luc C:\Program Files\McAfee\Temp2228557755\installer.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\TerrainTools\mt_generate.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\LegacyRbxGui\PlankSide.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\VR\toggle2D.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\Controls\DefaultController\ButtonX.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\LuaPackages\Packages\_Index\UIBlox\UIBlox\AppImageAtlas\img_set_2x_19.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-uninstall-es-ES.js C:\Program Files\McAfee\Temp2228557755\installer.exe N/A
File created C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.98\Locales\lv.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\EDGEMITMP_3CF23.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\127.0.2651.98\Locales\tt.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\EDGEMITMP_3CF23.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\AvatarToolsShared\RoundedBackgroundLeft.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaDiscussions\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaApp\icons\ic-more-about.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\127.0.2651.98\icudtl.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\EDGEMITMP_3CF23.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\Controls\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\MenuBar\arrow_up.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\VoiceChat\SpeakerDark\Unmuted60.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\LayeredClothingEditor\SwitchButtonIcon.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\Controls\DesignSystem\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\InGameMenu\TouchControls\move_area_portrait.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\DeveloperFramework\checkbox_checked_light.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\PerformanceStats\BackgroundRounded.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.98\identity_proxy\dev.identity_helper.exe.manifest C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\EDGEMITMP_3CF23.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\StudioSharedUI\spawn_withoutbg_32.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\PlayerList\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\SetupMetrics\4796_13368131457578856_4796.pma C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\EDGEMITMP_3CF23.tmp\setup.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\translations\CoreScriptLocalization.csv C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaApp\icons\ic-more-events.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\Controls\XboxController\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-oem-ss-toast-variants-ru-RU.js C:\Program Files\McAfee\Temp2228557755\installer.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\AlignTool\AlignTool.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\Settings\Players\AddFriendIcon.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\127.0.2651.98\Locales\ja.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\EDGEMITMP_3CF23.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\ImageSet\AE\img_set_1x_2.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\VoiceChat\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\Emotes\Editor\Large\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\AlignTool\Min.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\TextureViewer\replace.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\Controls\PlayStationController\PS4\ButtonOptions.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\Settings\Players\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-pscore-toast-zh-TW.js C:\Program Files\McAfee\Temp2228557755\installer.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\jslang\wa-res-upsell-toast-nb-NO.js C:\Program Files\McAfee\Temp2228557755\installer.exe N/A
File created C:\Program Files\ldplayer9box\VBoxAuth.dll F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaApp\graphic\CompactView_purplelayer.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.98\copilot_provider_msix\copilot_provider_neutral.msix C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\EDGEMITMP_3CF23.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\AvatarEditorImages\circle_blue.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\MFW\packages_web_view\webadvisor\wa-ss-toast-variants-rebranding.css C:\Program Files\McAfee\Temp2228557755\installer.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\fonts\families\Michroma.json C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\StudioToolbox\AssetPreview\Pending.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\Emotes\Large\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaChat\9-slice\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\ExtraContent\textures\ui\LuaChat\graphic\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.98\Locales\ja.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\EDGEMITMP_3CF23.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeWebView\Application\127.0.2651.98\Locales\pt-PT.pak C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\EDGEMITMP_3CF23.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\Chat\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files\McAfee\WebAdvisor\jslang\new-tab-res-toast-cs-CZ.js C:\Program Files\McAfee\Temp2228557755\installer.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.98\VisualElements\SmallLogoCanary.png C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\EDGEMITMP_3CF23.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\AvatarEditorImages\Stretch\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\InspectMenu\caret_tail_left.png C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File opened for modification C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\textures\ui\PlayerList\[email protected] C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\content\avatar\scripts\humanoidAnimateR15Moods.rbxm C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\Logs\DISM\dism.log C:\Windows\SysWOW64\dism.exe N/A
File opened for modification C:\Windows\Logs\DISM\dism.log C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\takeown.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\taskkill.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\taskkill.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\icacls.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language F:\LDPlayer\LDPlayer9\dnrepairer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\taskkill.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\taskkill.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\sc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\takeown.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\sc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\net1.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\sc.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\regsvr32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\net.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\icacls.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\dism.exe N/A

System Network Configuration Discovery: Internet Connection Discovery

discovery
Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Kills process with taskkill

evasion
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\taskkill.exe N/A
N/A N/A C:\Windows\SysWOW64\taskkill.exe N/A
N/A N/A C:\Windows\SysWOW64\taskkill.exe N/A
N/A N/A C:\Windows\SysWOW64\taskkill.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\PROTOCOLEXECUTE\ROBLOX-PLAYER C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\UnityHubSetup.exe = "11000" C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\PROTOCOLEXECUTE\ROBLOX C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\UnityHubSetup.exe = "11000" C:\Users\Admin\Downloads\UnityHubSetup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{AB4EE1FC-0A81-4F56-B0E2-248FB78051AF} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{20191216-1750-46F0-936E-BD127D5BC264}\1.3\ = "VirtualBox Type Library" C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-604D-11E9-92D3-53CB473DB9FB}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-42DA-C94B-8AEC-21968E08355D}\ = "IDnDSource" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-1EC6-4883-801D-77F56CFD0103} C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{20191216-26c0-4fe1-bf6f-67f633265bba}\InprocServer32 C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4521-44CC-DF95-186E4D057C83}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-9536-4EF8-820E-3B0E17E5BBC8}\NumMethods C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-800A-40F8-87A6-170D02249A55}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{20191216-1807-4249-5BA5-EA42D66AF0BF}\InProcServer32\ = "C:\\Program Files\\ldplayer9box\\VBoxProxyStub.dll" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB}\INPROCSERVER32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-C8E9-466B-9660-45CB3E9979E4}\ = "IExtPackManager" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-CB63-47A1-84FB-02C4894B89A9} C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-C6FA-430E-6020-6A505D086387}\ = "IFsObjInfo" C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-E4B1-486A-8F2E-747AE346C3E9}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{20191216-c9d2-4f11-a384-53f0cf917214}\TypeLib C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-402E-022E-6180-C3944DE3F9C8} C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-0B79-4350-BDD9-A0376CD6E6E3}\ = "IExtPackBase" C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-C71F-4A36-8E5F-A77D01D76090}\NumMethods\ = "18" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-6989-4002-80CF-3607F377D40C}\ProxyStubClsid32 C:\Windows\SYSTEM32\regsvr32.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\APPID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{D1E8B1A6-32CE-443C-8E2E-EBA90C481353}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-7966-481D-AB0B-D0ED73E28135} C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7FF8-4A84-BD34-0C651E118BB5}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-7071-4894-93D6-DCBEC010FA91} C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\VirtualBox.VirtualBox.1\CLSID\ = "{20191216-47b9-4a1e-82b2-07ccd5323c3f}" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-0126-43E0-B05D-326E74ABB356} C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-CF37-453B-9289-3B0F521CAF27}\ = "IStateChangedEvent" C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-402E-022E-6180-C3944DE3F9C8}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-8084-11E9-B185-DBE296E54799}\ProxyStubClsid32 C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7FF8-4A84-BD34-0C651E118BB5}\ProxyStubClsid32 C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-EE61-462F-AED3-0DFF6CBF9904}\ = "IGuestSessionStateChangedEvent" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-CF37-453B-9289-3B0F521CAF27}\ = "IStateChangedEvent" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-8690-11E9-B83D-5719E53CF1DE}\NumMethods\ = "52" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-4A06-81FC-A916-78B2DA1FA0E5}\NumMethods C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{99F8E195-1042-4F89-A28C-89CDB74A14AE}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-EABD-4FA6-960A-F1756C99EA1C} C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{20191216-26c0-4fe1-bf6f-67f633265bba}\VersionIndependentProgID\ = "VirtualBox.VirtualBoxClient" C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-CC7B-431B-98B2-951FDA8EAB89}\ = "IHostUSBDevice" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-4737-457B-99FC-BC52C851A44F} C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-1F04-4191-AA2F-1FAC9646AE4C} C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-4BA3-7903-2AA4-43988BA11554}\NumMethods C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-FA1E-4CEE-91C7-6D8496BEA3C1}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3A49F783-1C7D-4D35-8F63-5C1C206B9B6E}\NumMethods\ = "17" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-D612-47D3-89D4-DB3992533948} C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-0126-43E0-B05D-326E74ABB356}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\LocalService = "edgeupdate" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7556-4CBC-8C04-043096B02D82} C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{20191216-c9d2-4f11-a384-53f0cf917214}\InprocServer32\ThreadingModel = "Free" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-CC87-4F6E-A0E9-47BB7F2D4BE5} C:\Windows\SysWOW64\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7619-41AA-AECE-B21AC5C1A7E6} C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-3E78-11E9-B25E-7768F80C0E07}\NumMethods\ = "26" C:\Windows\SYSTEM32\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{20191216-7BA7-45A8-B26D-C91AE3754E37}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SYSTEM32\regsvr32.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-5637-472A-9736-72019EABD7DE}\ProxyStubClsid32 C:\Windows\SysWOW64\regsvr32.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{20191216-799A-4489-86CD-FE8E45B2FF8E}\ProxyStubClsid32\ = "{20191216-1807-4249-5BA5-EA42D66AF0BF}" C:\Windows\SysWOW64\regsvr32.exe N/A

Modifies system certificate store

evasion spyware trojan
Description Indicator Process Target
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 5c0000000100000004000000001000001900000001000000100000005d1b8ff2c30f63f5b536edd400f7f9b40300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b809000000010000000c000000300a06082b060105050703031d00000001000000100000005467b0adde8d858e30ee517b1a19ecd91400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b53000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c06200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df860b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000000f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c040000000100000010000000e94fb54871208c00df70f708ac47085b200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\47BEABC922EAE80E78783462A79F45C254FDE68B C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\47BEABC922EAE80E78783462A79F45C254FDE68B\Blob = 0f00000001000000200000003560e45b41e46b8f36537025d1d5bc02d9652a10645b0eff69e8b6a52191f335090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080b000000010000005200000047006f00200044006100640064007900200052006f006f007400200043006500720074006900660069006300610074006500200041007500740068006f00720069007400790020001320200047003200000053000000010000002500000030233021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c062000000010000002000000045140b3247eb9cc8c5b4f0d7b53091f73292089e6e5a63e2749dd3aca9198eda1400000001000000140000003a9a8507106728b6eff6bd05416e20c194da0fde1d000000010000001000000070253fbcbde32a014d38c1993098ad9903000000010000001400000047beabc922eae80e78783462a79f45c254fde68b2000000001000000c9030000308203c5308202ada003020102020100300d06092a864886f70d01010b0500308183310b30090603550406130255533110300e060355040813074172697a6f6e61311330110603550407130a53636f74747364616c65311a3018060355040a1311476f44616464792e636f6d2c20496e632e3131302f06035504031328476f20446164647920526f6f7420436572746966696361746520417574686f72697479202d204732301e170d3039303930313030303030305a170d3337313233313233353935395a308183310b30090603550406130255533110300e060355040813074172697a6f6e61311330110603550407130a53636f74747364616c65311a3018060355040a1311476f44616464792e636f6d2c20496e632e3131302f06035504031328476f20446164647920526f6f7420436572746966696361746520417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100bf716208f1fa5934f71bc918a3f7804958e9228313a6c52043013b84f1e685499f27eaf6841b4ea0b4db7098c73201b1053e074eeef4fa4f2f593022e7ab19566be28007fcf316758039517be5f935b6744ea98d8213e4b63fa90383faa2be8a156a7fde0bc3b6191405caeac3a804943b467c320df3006622c88d696d368c1118b7d3b21c60b438fa028cced3dd4607de0a3eeb5d7cc87cfbb02b53a4926269512505611a44818c2ca9439623dfac3a819a0e29c51ca9e95d1eb69e9e300a39cef18880fb4b5dcc32ec85624325340256270191b43b702a3f6eb1e89c88017d9fd4f9db536d609dbf2ce758abb85f46fccec41b033c09eb49315c6946b3e0470203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106301d0603551d0e041604143a9a8507106728b6eff6bd05416e20c194da0fde300d06092a864886f70d01010b0500038201010099db5d79d5f99759670361f17e3b0631752da1208e4f6587b4f7a69cbcd8e92fd0db5aeecf748c73b43842da057bf80275b8fda5b1d7aef6d7de13cb53107e8a46d197fab72e2b11ab90b02780f9e89f5ae9379fabe4df6cb385179d3dd9244f799135d65f04eb8083ab9a022db510f4d890c7047340ed7225a0a99fec9eab68129957c68f123a09a4bd44fd061537c19be432a3ed38e8d864f32c7e14fc02ea9fcdff076817db2290382d7a8dd154f169e35f33ca7a3d7b0ae3ca7f5f39e5e275bac5761833ce2cf02f4cadf7b1e7ce4fa8c49b4a5406c57f7dd5080fe21cfe7e17b8ac5ef6d416b243090c4df6a76bb4998465ca7a88e2e244be5cf7ea1cf5 C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\47BEABC922EAE80E78783462A79F45C254FDE68B\Blob = 19000000010000001000000021d008b47b7a2a81c8435903ded424c90f00000001000000200000003560e45b41e46b8f36537025d1d5bc02d9652a10645b0eff69e8b6a52191f335090000000100000054000000305206082b0601050507030206082b06010505070303060a2b0601040182370a030406082b0601050507030406082b0601050507030606082b0601050507030706082b0601050507030106082b060105050703080b000000010000005200000047006f00200044006100640064007900200052006f006f007400200043006500720074006900660069006300610074006500200041007500740068006f00720069007400790020001320200047003200000053000000010000002500000030233021060b6086480186fd6d0107170330123010060a2b0601040182373c0101030200c062000000010000002000000045140b3247eb9cc8c5b4f0d7b53091f73292089e6e5a63e2749dd3aca9198eda1400000001000000140000003a9a8507106728b6eff6bd05416e20c194da0fde1d000000010000001000000070253fbcbde32a014d38c1993098ad9903000000010000001400000047beabc922eae80e78783462a79f45c254fde68b2000000001000000c9030000308203c5308202ada003020102020100300d06092a864886f70d01010b0500308183310b30090603550406130255533110300e060355040813074172697a6f6e61311330110603550407130a53636f74747364616c65311a3018060355040a1311476f44616464792e636f6d2c20496e632e3131302f06035504031328476f20446164647920526f6f7420436572746966696361746520417574686f72697479202d204732301e170d3039303930313030303030305a170d3337313233313233353935395a308183310b30090603550406130255533110300e060355040813074172697a6f6e61311330110603550407130a53636f74747364616c65311a3018060355040a1311476f44616464792e636f6d2c20496e632e3131302f06035504031328476f20446164647920526f6f7420436572746966696361746520417574686f72697479202d20473230820122300d06092a864886f70d01010105000382010f003082010a0282010100bf716208f1fa5934f71bc918a3f7804958e9228313a6c52043013b84f1e685499f27eaf6841b4ea0b4db7098c73201b1053e074eeef4fa4f2f593022e7ab19566be28007fcf316758039517be5f935b6744ea98d8213e4b63fa90383faa2be8a156a7fde0bc3b6191405caeac3a804943b467c320df3006622c88d696d368c1118b7d3b21c60b438fa028cced3dd4607de0a3eeb5d7cc87cfbb02b53a4926269512505611a44818c2ca9439623dfac3a819a0e29c51ca9e95d1eb69e9e300a39cef18880fb4b5dcc32ec85624325340256270191b43b702a3f6eb1e89c88017d9fd4f9db536d609dbf2ce758abb85f46fccec41b033c09eb49315c6946b3e0470203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020106301d0603551d0e041604143a9a8507106728b6eff6bd05416e20c194da0fde300d06092a864886f70d01010b0500038201010099db5d79d5f99759670361f17e3b0631752da1208e4f6587b4f7a69cbcd8e92fd0db5aeecf748c73b43842da057bf80275b8fda5b1d7aef6d7de13cb53107e8a46d197fab72e2b11ab90b02780f9e89f5ae9379fabe4df6cb385179d3dd9244f799135d65f04eb8083ab9a022db510f4d890c7047340ed7225a0a99fec9eab68129957c68f123a09a4bd44fd061537c19be432a3ed38e8d864f32c7e14fc02ea9fcdff076817db2290382d7a8dd154f169e35f33ca7a3d7b0ae3ca7f5f39e5e275bac5761833ce2cf02f4cadf7b1e7ce4fa8c49b4a5406c57f7dd5080fe21cfe7e17b8ac5ef6d416b243090c4df6a76bb4998465ca7a88e2e244be5cf7ea1cf5 C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8 C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A
Set value (data) \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8\Blob = 040000000100000010000000e94fb54871208c00df70f708ac47085b0f0000000100000030000000c130bba37b8b350e89fd5ed76b4f78777feee220d3b9e729042bef6af46e8e4c1b252e32b3080c681bc9a8a1afdd0a3c0b000000010000004200000047006c006f00620061006c005300690067006e00200043006f006400650020005300690067006e0069006e006700200052006f006f007400200052003400350000006200000001000000200000007b9d553e1c92cb6e8803e137f4f287d4363757f5d44b37d52f9fca22fb97df8653000000010000001f000000301d301b060567810c010330123010060a2b0601040182373c0101030200c01400000001000000140000001f00bf46800afc7839b7a5b443d95650bbce963b1d00000001000000100000005467b0adde8d858e30ee517b1a19ecd909000000010000000c000000300a06082b060105050703030300000001000000140000004efc31460c619ecae59c1bce2c008036d94c84b81900000001000000100000005d1b8ff2c30f63f5b536edd400f7f9b4200000000100000076050000308205723082035aa00302010202107653feac75464893f5e5d74a483a4ef8300d06092a864886f70d01010c05003053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f7420523435301e170d3230303331383030303030305a170d3435303331383030303030305a3053310b300906035504061302424531193017060355040a1310476c6f62616c5369676e206e762d73613129302706035504031320476c6f62616c5369676e20436f6465205369676e696e6720526f6f742052343530820222300d06092a864886f70d01010105000382020f003082020a0282020100b62dc530dd7ae8ab903d0372b03a4b991661b2e5ffa5671d371ce57eec9383aa84f5a3439b98458ab863575d9b00880425e9f868924b82d84bc94a03f3a87f6a8f8a6127bda144d0fdf53f22c2a34f918db305b22882915dfb5988050b9706c298f82ca73324ee503a41ccf0a0b07b1d4dd2a8583896e9dff91b91bb8b102cd2c7431da20974a180af7be6330a0c596b8ebcf4ab5a977b7fae55fb84f080fe844cd7e2babdc475a16fbd61107444b29807e274abff68dc6c263ee91fe5e00487ad30d30c8d037c55b816705c24782025eb676788abba4e34986b7011de38cad4bea1c09ce1df1e0201d83be1674384b6cffc74b72f84a3bfba09373d676cb1455c1961ab4183f5ac1deb770d464773cebfbd9595ed9d2b8810fefa58e8a757e1b3cfa85ae907259b12c49e80723d93dc8c94df3b44e62680fcd2c303f08c0cd245d62ee78f989ee604ee426e677e42167162e704f960c664a1b69c81214e2bc66d689486c699747367317a91f2d48c796e7ca6bb7e466f4dc585122bcf9a224408a88537ce07615706171224c0c43173a1983557477e103a45d92da4519098a9a00737c4651aaa1c6b1677f7a797ec3f1930996f31fbea40b2e7d2c4fac9d0f050767459fa8d6d1732bef8e97e03f4e787759ad44a912c850313022b4280f2896a36cfc84ca0ce9ef8cb8dad16a7d3ded59b18a7c6923af18263f12e0e2464df0203010001a3423040300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e041604141f00bf46800afc7839b7a5b443d95650bbce963b300d06092a864886f70d01010c050003820201005e2bba749734445f764828408493ee016ee9a1b3d68025e67be4bc09913d0ffc76add7d43020bb8f60d091d61cf29cef781a2b943202c12496525202d0f3d1fcf29b396e99e11f8e43417d9a1e5bc95d9a84fc26e687f3747226ada41bd93d3b6a52a03c091e2f1e7bb333b445c7f7acb1af9360ad76aeb8b21578eb836aebffdb46ab24e5ee02fa901f59c02f5dd6b75da45c10b77253f8414eccfa781a254acafe85624361c3b437aa81d2f4d63a0fbd8d597e3047de2b6be72150335fd4679bd4b8679f3c279903ff85438e7312ca20cde861d5b166dc17d6396d0fdbcf2337a182894e1c6b3fd6a0cdaa079d3e4226aad70ceefa47bf1a527ed17581d3c98a62176d4f88a021a0263eaf6dd962301fe99828ae6e8dd58e4c726693808d2ae355c760679042565c22510fb3dc4e39ee4dddd91d7810543b6ed0976f03b51eb22373c612b29a64d0fc958524a8ffdfa1b0dc9140aedf0933abb9dd92b7f1cc91743b69eb67971b90bfe7c7a06f71bb57bfb78f5aed7a406a16cd80842d2fe102d4249443b315fc0c2b1bfd716ffccbbc75173a5e83d2c9b32f1bd59c8d7f54fe7e7ee456a387a79de1595294418f6d5bbe86959aff1a76dd40d2514a70b41f336323773fec271e59e40887ed34824a0f3ffea01dc1f56773458678f4aa29e92787c619dbc61314c33949874da097e06513f59d7756e9dab358c73af2c0cd82 C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 846436.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 541120.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 631367.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Runs net.exe

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
N/A N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\SysWOW64\taskkill.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\SysWOW64\taskkill.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\SysWOW64\taskkill.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\SysWOW64\taskkill.exe N/A
Token: SeTakeOwnershipPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeTakeOwnershipPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeTakeOwnershipPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeTakeOwnershipPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeTakeOwnershipPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeTakeOwnershipPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeTakeOwnershipPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeTakeOwnershipPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A
Token: SeDebugPrivilege N/A F:\LDPlayer\LDPlayer9\LDPlayer.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1172 wrote to memory of 464 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 464 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 2156 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4288 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4288 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1172 wrote to memory of 4572 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff969c346f8,0x7ff969c34708,0x7ff969c34718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2132 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2904 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5032 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5540 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5540 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1384 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1784 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5976 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3468 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaFoundationService --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=6276 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6408 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6428 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3512 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5992 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=2248 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5720 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6924 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7244 /prefetch:8

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTk5NDJBNTYtNUQ1OC00MkUxLUE3MjEtRjhFODM3MzYzRkVGfSIgdXNlcmlkPSJ7Nzc0OTgzM0MtRDVFRC00NTlDLTkyQTEtRkRFQjk3NDM5MUM0fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9InswMTFGODE0MC04NzhDLTQzRjEtODY0Qy1DRjJGQTQxQkI0M0F9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE5NS4xNSIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY1NDIyNjIwMTgiIGluc3RhbGxfdGltZV9tcz0iNTkzIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{A9942A56-5D58-42E1-A721-F8E837363FEF}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTk5NDJBNTYtNUQ1OC00MkUxLUE3MjEtRjhFODM3MzYzRkVGfSIgdXNlcmlkPSJ7Nzc0OTgzM0MtRDVFRC00NTlDLTkyQTEtRkRFQjk3NDM5MUM0fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntFMTFEMTc1NC05RjUxLTQ2OEMtQjEwNy04NkVBODMyRDQ1NDV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTIzLjAuNjMxMi4xMjMiIG5leHR2ZXJzaW9uPSIxMjMuMC42MzEyLjEyMyIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY1NDkyNTIwNzciLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\MicrosoftEdge_X64_127.0.2651.98.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\MicrosoftEdge_X64_127.0.2651.98.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\EDGEMITMP_3CF23.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\EDGEMITMP_3CF23.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\MicrosoftEdge_X64_127.0.2651.98.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\EDGEMITMP_3CF23.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\EDGEMITMP_3CF23.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\MsEdgeCrashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=127.0.6533.100 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{E3EC57E6-BF80-45B6-815F-00893C98ED99}\EDGEMITMP_3CF23.tmp\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=127.0.2651.98 --initial-client-data=0x22c,0x230,0x234,0x208,0x238,0x7ff66b54b7d0,0x7ff66b54b7dc,0x7ff66b54b7e8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=4772 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7480 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7452 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6812 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7720 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7824 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2032 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7576 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7536 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7QTk5NDJBNTYtNUQ1OC00MkUxLUE3MjEtRjhFODM3MzYzRkVGfSIgdXNlcmlkPSJ7Nzc0OTgzM0MtRDVFRC00NTlDLTkyQTEtRkRFQjk3NDM5MUM0fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntBQkJDRjVENS02MkQ1LTQ1NzQtOEE4Qy04ODg1MkJDRkUyOUZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjE5MDQxLjEyODgiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7VlBRb1AxRitmcTE1d1J6aDFrUEw0UE1wV2g4T1JNQjVpenZyT0MvY2hqUT0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjMwMTcyMjYtRkUyQS00Mjk1LThCREYtMDBDM0E5QTdFNEM1fSIgdmVyc2lvbj0iIiBuZXh0dmVyc2lvbj0iMTI3LjAuMjY1MS45OCIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGluc3RhbGxhZ2U9Ii0xIiBpbnN0YWxsZGF0ZT0iLTEiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjU2NzU4MjMyMiIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY1Njc2MjIwMjciIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI2NzkzNzcxOTkzIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy81MjlhNDFjZC01YzBjLTRjZDAtODA2MS1iNzFmZWFhOGEzMzY_UDE9MTcyNDI2MjYyMiZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1QOEFZJTJiZFQxS1dyQ0Q3VzQ2VnRhWHExJTJmdzlJTXVZQnYxZTRMdFU3SzhJQjFBSjhQR0RmQjNtRnJjV0U0dUVnSGVJRTdRSkZzNkt5TkNMZVprQjhUQ0ElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzI2MDY0MDgiIHRvdGFsPSIxNzI2MDY0MDgiIGRvd25sb2FkX3RpbWVfbXM9IjE2MDk1Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNjc5MzkxMTg3NiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjY4MDkxOTI2ODYiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjcyNzUwMTIxNjgiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSI5NzEiIGRvd25sb2FkX3RpbWVfbXM9IjIyNjIzIiBkb3dubG9hZGVkPSIxNzI2MDY0MDgiIHRvdGFsPSIxNzI2MDY0MDgiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjQ2NTc5Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe" -app -isInstallerLaunch -clientLaunchTimeEpochMs 0

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7732 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1720 /prefetch:8

C:\Users\Admin\Downloads\UnityHubSetup.exe

"C:\Users\Admin\Downloads\UnityHubSetup.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 4648 -ip 4648

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 4648 -s 1668

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7588 /prefetch:1

C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe" roblox-player:1+launchmode:play+gameinfo:V4Hp8i6ynf9CyZv7beLsdd2R4v4Mh8mBB2wGinIU00fW3w4b1rYz4pr3S2tkYnhIuYP6mtv7iJ1PtHAF8vUXiYRLEeZhtJS_GvwBxxNhaO5tEcT_Pd7JhBLikz3OJbU-ui66M-JL69hPFw9hmAXqwgmc-2YSzuckDk-C2Gug-8PCcmVeb5JVca37-hEu1ZaT-fN6Ihv5oQCflIXk2KQ8n05ws7-arPBFw8vVT-h8OL0+launchtime:1723657917191+placelauncherurl:https%3A%2F%2Fwww.roblox.com%2FGame%2FPlaceLauncher.ashx%3Frequest%3DRequestGame%26browserTrackerId%3D1723657662490004%26placeId%3D16261605398%26isPlayTogetherGame%3Dfalse%26joinAttemptId%3D09125e2b-5739-4e86-9ef4-4e8d61fb9ed2%26joinAttemptOrigin%3DPlayButton+browsertrackerid:1723657662490004+robloxLocale:en_us+gameLocale:en_us+channel:+LaunchExp:InApp

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\UnityHubSetup.exe

"C:\Users\Admin\Downloads\UnityHubSetup.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4420 -ip 4420

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 4420 -s 1664

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe" C:\Users\Admin\Downloads\UnityHubSetup.exe

C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\RobloxPlayerBeta.exe" -app -isInstallerLaunch -clientLaunchTimeEpochMs 0

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7496 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7504 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7908 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5952 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7396 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6968 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7560 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8452 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8796 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10208 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9444 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8964 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9996 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8504 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7568 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7952 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8784 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6968 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10048 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10304 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9944 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8976 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8724 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8892 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7500 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9828 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7952 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8900 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10452 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8568 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9704 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8288 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9492 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10976 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11124 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11132 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11152 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10564 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9984 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10204 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7992 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10152 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=133 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=134 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9964 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=136 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10388 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=137 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=138 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=139 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8660 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=140 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9220 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8892 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8696 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6760 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10028 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x4f8 0x328

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9136 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7908 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7328 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5800 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=159 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7492 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=161 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10608 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=162 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=163 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=164 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5676 /prefetch:8

C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe

"C:\Users\Admin\Downloads\LDPlayer9_ens_com.roblox.client_25567197_ld.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=166 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=167 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=168 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9604 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=169 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=170 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=171 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7908 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=172 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=173 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=174 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=175 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10912 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=176 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7476 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=177 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1124 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=178 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=179 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11196 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=180 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7548 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=181 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10172 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=182 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=183 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6712 /prefetch:1

C:\Windows\SysWOW64\taskkill.exe

"taskkill" /F /IM dnplayer.exe /T

C:\Windows\SysWOW64\taskkill.exe

"taskkill" /F /IM dnmultiplayer.exe /T

C:\Windows\SysWOW64\taskkill.exe

"taskkill" /F /IM dnmultiplayerex.exe /T

C:\Windows\SysWOW64\taskkill.exe

"taskkill" /F /IM bugreport.exe /T

F:\LDPlayer\LDPlayer9\LDPlayer.exe

"F:\LDPlayer\LDPlayer9\\LDPlayer.exe" -silence -downloader -openid=25567197 -language=en -path="F:\LDPlayer\LDPlayer9\"

C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe

"C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\saBSI.exe" /affid 91082 PaidDistribution=true CountryCode=GB

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=184 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=185 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9912 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=186 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=187 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=188 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11904 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=189 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9780 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=190 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6192 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=191 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12328 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=192 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=193 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12552 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=194 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12984 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=195 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=196 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=197 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12888 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=198 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11168 /prefetch:1

C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\installer.exe

"C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\\installer.exe" /setOem:Affid=91082 /s /thirdparty /upgrade

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=199 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=200 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=201 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=13408 /prefetch:1

C:\Program Files\McAfee\Temp2228557755\installer.exe

"C:\Program Files\McAfee\Temp2228557755\installer.exe" /setOem:Affid=91082 /s /thirdparty /upgrade

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=202 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14632 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=203 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14724 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=204 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=205 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=15200 /prefetch:1

C:\Windows\SYSTEM32\regsvr32.exe

regsvr32.exe /s "C:\Program Files\McAfee\WebAdvisor\win32\WSSDep.dll"

C:\Windows\SysWOW64\regsvr32.exe

/s "C:\Program Files\McAfee\WebAdvisor\win32\WSSDep.dll"

C:\Windows\SYSTEM32\regsvr32.exe

regsvr32.exe /s "C:\Program Files\McAfee\WebAdvisor\x64\WSSDep.dll"

C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe

"C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe"

F:\LDPlayer\LDPlayer9\dnrepairer.exe

"F:\LDPlayer\LDPlayer9\dnrepairer.exe" listener=721646

C:\Windows\SysWOW64\net.exe

"net" start cryptsvc

C:\Program Files\McAfee\WebAdvisor\UIHost.exe

"C:\Program Files\McAfee\WebAdvisor\UIHost.exe"

C:\Windows\SysWOW64\net1.exe

C:\Windows\system32\net1 start cryptsvc

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" Softpub.dll /s

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c dir "C:\Program Files (x86)\McAfee Security Scan" 2>nul

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" Wintrust.dll /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" Initpki.dll /s

C:\Windows\SysWOW64\regsvr32.exe

"C:\Windows\system32\regsvr32" Initpki.dll /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" dssenh.dll /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" rsaenh.dll /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" cryptdlg.dll /s

C:\Windows\SysWOW64\takeown.exe

"takeown" /f "F:\LDPlayer\LDPlayer9\vms" /r /d y

C:\Windows\SysWOW64\icacls.exe

"icacls" "F:\LDPlayer\LDPlayer9\vms" /grant everyone:F /t

C:\Windows\SysWOW64\takeown.exe

"takeown" /f "F:\LDPlayer\LDPlayer9\\system.vmdk"

C:\Windows\SysWOW64\icacls.exe

"icacls" "F:\LDPlayer\LDPlayer9\\system.vmdk" /grant everyone:F /t

C:\Windows\SysWOW64\dism.exe

C:\Windows\system32\dism.exe /Online /English /Get-Features

C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe

C:\Users\Admin\AppData\Local\Temp\16ED852B-2803-4DEE-AB44-2F25591D11E8\dismhost.exe {64999DAF-1480-492C-A5B8-4680E9703C27}

C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1220_none_7e21bc567c7ed16b\TiWorker.exe

C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1220_none_7e21bc567c7ed16b\TiWorker.exe -Embedding

C:\Windows\SysWOW64\sc.exe

sc query HvHost

C:\Windows\SysWOW64\sc.exe

sc query vmms

C:\Windows\SysWOW64\sc.exe

sc query vmcompute

C:\Program Files\McAfee\WebAdvisor\updater.exe

"C:\Program Files\McAfee\WebAdvisor\updater.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c dir "C:\Program Files (x86)\McAfee Security Scan" 2>nul

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=206 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11316 /prefetch:1

C:\Program Files\ldplayer9box\Ld9BoxSVC.exe

"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" /RegServer

C:\Windows\SYSTEM32\regsvr32.exe

"regsvr32" "C:\Program Files\ldplayer9box\VBoxC.dll" /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxClient-x86.dll" /s

C:\Windows\SYSTEM32\regsvr32.exe

"regsvr32" "C:\Program Files\ldplayer9box\VBoxProxyStub.dll" /s

C:\Windows\SysWOW64\regsvr32.exe

"regsvr32" "C:\Program Files\ldplayer9box\x86\VBoxProxyStub-x86.dll" /s

C:\Windows\SysWOW64\sc.exe

"C:\Windows\system32\sc" create Ld9BoxSup binPath= "C:\Program Files\ldplayer9box\Ld9BoxSup.sys" type= kernel start= auto

C:\Windows\SysWOW64\sc.exe

"C:\Windows\system32\sc" start Ld9BoxSup

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxSup" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe' -RemoteAddress LocalSubnet -Action Allow

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" New-NetFirewallRule -DisplayName "Ld9BoxNat" -Direction Inbound -Program 'C:\Program Files\ldplayer9box\VBoxNetNAT.exe' -RemoteAddress LocalSubnet -Action Allow

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"powershell.exe" New-NetFirewallRule -DisplayName "dnplayer" -Direction Inbound -Program 'F:\LDPlayer\LDPlayer9\dnplayer.exe' -RemoteAddress LocalSubnet -Action Allow

F:\LDPlayer\LDPlayer9\driverconfig.exe

"F:\LDPlayer\LDPlayer9\driverconfig.exe"

C:\Windows\SysWOW64\takeown.exe

"takeown" /f F:\LDPlayer\ldmutiplayer\ /r /d y

C:\Windows\SysWOW64\icacls.exe

"icacls" F:\LDPlayer\ldmutiplayer\ /grant everyone:F /t

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=209 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10880 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=210 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=211 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4712 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://discord.gg/4bUcwDd53d

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff969c346f8,0x7ff969c34708,0x7ff969c34718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=212 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=14612 /prefetch:1

F:\LDPlayer\LDPlayer9\dnplayer.exe

"F:\LDPlayer\LDPlayer9\\dnplayer.exe" downloadpackage=com.roblox.client|package=com.roblox.client

C:\Program Files\ldplayer9box\Ld9BoxSVC.exe

"C:\Program Files\ldplayer9box\Ld9BoxSVC.exe" -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=213 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3500 /prefetch:1

C:\Windows\SysWOW64\sc.exe

sc query HvHost

C:\Windows\SysWOW64\sc.exe

sc query vmms

C:\Windows\SysWOW64\sc.exe

sc query vmcompute

C:\Program Files\ldplayer9box\vbox-img.exe

"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\..\system.vmdk" --uuid 20160302-bbbb-bbbb-54d7-bbbb00000000

C:\Program Files\ldplayer9box\vbox-img.exe

"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\data.vmdk" --uuid 20160302-cccc-cccc-54d7-000000000000

C:\Program Files\ldplayer9box\vbox-img.exe

"C:\Program Files\ldplayer9box\vbox-img.exe" setuuid --filename "F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk" --uuid 20160302-dddd-dddd-54d7-000000000000

C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe

"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config

C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe

"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config

C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe

"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config

C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe

"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config

C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe

"C:\Program Files\ldplayer9box\Ld9BoxHeadless.exe" --comment leidian0 --startvm 20160302-aaaa-aaaa-54d7-000000000000 --vrde config

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.ldplayer.net/blog/how-to-enable-vt.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff969c346f8,0x7ff969c34708,0x7ff969c34718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=215 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10144 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=214 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11060 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=216 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8936 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2116,3632293394808285258,6038254976822226165,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=217 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11560 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 13.86.106.20.in-addr.arpa udp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 71.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.109.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
US 8.8.8.8:53 133.109.199.185.in-addr.arpa udp
US 185.199.111.154:443 github.githubassets.com tcp
US 8.8.8.8:53 154.111.199.185.in-addr.arpa udp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 205.47.74.20.in-addr.arpa udp
US 8.8.8.8:53 collector.github.com udp
US 140.82.114.22:443 collector.github.com tcp
US 8.8.8.8:53 209.205.72.20.in-addr.arpa udp
US 8.8.8.8:53 22.114.82.140.in-addr.arpa udp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
GB 92.123.142.176:443 www.bing.com tcp
GB 92.123.142.176:443 www.bing.com tcp
US 8.8.8.8:53 176.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 www.roblox.com udp
GB 128.116.119.4:80 www.roblox.com tcp
GB 128.116.119.4:80 www.roblox.com tcp
GB 128.116.119.4:443 www.roblox.com tcp
US 8.8.8.8:53 228.249.119.40.in-addr.arpa udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
GB 173.222.211.99:443 css.rbxcdn.com tcp
GB 173.222.211.99:443 css.rbxcdn.com tcp
GB 173.222.211.99:443 css.rbxcdn.com tcp
GB 173.222.211.99:443 css.rbxcdn.com tcp
GB 173.222.211.99:443 css.rbxcdn.com tcp
GB 173.222.211.99:443 css.rbxcdn.com tcp
GB 173.222.211.83:443 static.rbxcdn.com tcp
GB 92.123.140.48:443 js.rbxcdn.com tcp
GB 92.123.140.48:443 js.rbxcdn.com tcp
GB 92.123.140.48:443 js.rbxcdn.com tcp
GB 92.123.140.48:443 js.rbxcdn.com tcp
GB 92.123.140.48:443 js.rbxcdn.com tcp
GB 92.123.140.48:443 js.rbxcdn.com tcp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
GB 18.244.155.96:443 roblox-api.arkoselabs.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
GB 128.116.119.4:443 apis.roblox.com tcp
GB 128.116.119.4:443 apis.roblox.com tcp
US 8.8.8.8:53 4.119.116.128.in-addr.arpa udp
US 8.8.8.8:53 99.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 83.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 48.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 96.155.244.18.in-addr.arpa udp
US 8.8.8.8:53 61.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 locale.roblox.com udp
GB 173.222.211.99:443 css.rbxcdn.com tcp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 8.8.8.8:53 auth.roblox.com udp
GB 92.123.140.97:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 images.rbxcdn.com udp
GB 173.222.211.152:443 images.rbxcdn.com tcp
GB 173.222.211.152:443 images.rbxcdn.com tcp
GB 173.222.211.152:443 images.rbxcdn.com tcp
GB 173.222.211.152:443 images.rbxcdn.com tcp
GB 173.222.211.152:443 images.rbxcdn.com tcp
GB 173.222.211.152:443 images.rbxcdn.com tcp
GB 173.222.211.152:443 images.rbxcdn.com tcp
US 8.8.8.8:53 97.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 152.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 192.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 81.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 88.156.103.20.in-addr.arpa udp
US 8.8.8.8:53 assetgame.roblox.com udp
US 8.8.8.8:53 ncs.roblox.com udp
US 8.8.8.8:53 roblox-api.arkoselabs.com udp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 realtime-signalr.roblox.com udp
US 8.8.8.8:53 lms.roblox.com udp
US 8.8.8.8:53 thumbnails.roblox.com udp
US 8.8.8.8:53 contacts.roblox.com udp
US 8.8.8.8:53 notifications.roblox.com udp
US 8.8.8.8:53 accountsettings.roblox.com udp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 friends.roblox.com udp
US 8.8.8.8:53 privatemessages.roblox.com udp
US 8.8.8.8:53 trades.roblox.com udp
US 8.8.8.8:53 usermoderation.roblox.com udp
GB 128.116.119.8:443 lms.roblox.com tcp
US 8.8.8.8:53 lga2-128-116-32-3.roblox.com udp
US 8.8.8.8:53 ord2-128-116-101-3.roblox.com udp
US 8.8.8.8:53 nrt1-128-116-120-3.roblox.com udp
US 8.8.8.8:53 sin4-128-116-50-3.roblox.com udp
US 8.8.8.8:53 aws-ap-northeast-1a-lms.rbx.com udp
US 8.8.8.8:53 roblox-poc.global.ssl.fastly.net udp
US 8.8.8.8:53 aws-ap-east-1b-lms.rbx.com udp
US 8.8.8.8:53 aws-us-east-1a-lms.rbx.com udp
US 8.8.8.8:53 aws-us-west-1c-lms.rbx.com udp
US 8.8.8.8:53 aws-us-east-2a-lms.rbx.com udp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
HK 18.162.98.187:443 aws-ap-east-1b-lms.rbx.com tcp
US 44.213.251.180:443 aws-us-east-1a-lms.rbx.com tcp
US 151.101.129.194:443 roblox-poc.global.ssl.fastly.net tcp
US 54.193.221.12:443 aws-us-west-1c-lms.rbx.com tcp
JP 128.116.120.3:443 nrt1-128-116-120-3.roblox.com tcp
US 18.189.111.145:443 aws-us-east-2a-lms.rbx.com tcp
US 128.116.32.3:443 lga2-128-116-32-3.roblox.com tcp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
JP 54.178.179.82:443 aws-ap-northeast-1a-lms.rbx.com tcp
SG 128.116.50.3:443 sin4-128-116-50-3.roblox.com tcp
JP 128.116.120.3:443 nrt1-128-116-120-3.roblox.com tcp
JP 54.178.179.82:443 aws-ap-northeast-1a-lms.rbx.com tcp
HK 18.162.98.187:443 aws-ap-east-1b-lms.rbx.com tcp
US 8.8.8.8:53 cs.ns1p.net udp
US 8.8.8.8:53 8.119.116.128.in-addr.arpa udp
US 8.8.8.8:53 180.251.213.44.in-addr.arpa udp
US 8.8.8.8:53 3.32.116.128.in-addr.arpa udp
US 8.8.8.8:53 194.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 145.111.189.18.in-addr.arpa udp
US 8.8.8.8:53 12.221.193.54.in-addr.arpa udp
US 8.8.8.8:53 82.179.178.54.in-addr.arpa udp
US 8.8.8.8:53 3.120.116.128.in-addr.arpa udp
US 8.8.8.8:53 187.98.162.18.in-addr.arpa udp
US 8.8.8.8:53 3.50.116.128.in-addr.arpa udp
US 8.8.8.8:53 226.20.18.104.in-addr.arpa udp
US 8.8.8.8:53 3.101.116.128.in-addr.arpa udp
DE 18.184.226.141:443 cs.ns1p.net tcp
US 8.8.8.8:53 s.ns1p.net udp
DE 18.185.175.37:443 s.ns1p.net tcp
US 8.8.8.8:53 141.226.184.18.in-addr.arpa udp
US 8.8.8.8:53 37.175.185.18.in-addr.arpa udp
US 8.8.8.8:53 tr.rbxcdn.com udp
GB 92.123.140.8:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 c0aws.rbxcdn.com udp
US 8.8.8.8:53 presence.roblox.com udp
GB 108.156.46.116:443 c0aws.rbxcdn.com tcp
US 8.8.8.8:53 8.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 116.46.156.108.in-addr.arpa udp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
US 151.101.129.194:443 roblox-poc.global.ssl.fastly.net tcp
US 8.8.8.8:53 b.ns1p.net udp
GB 128.116.119.8:443 lms.roblox.com tcp
US 18.189.111.145:443 aws-us-east-2a-lms.rbx.com tcp
US 128.116.32.3:443 lga2-128-116-32-3.roblox.com tcp
US 8.8.8.8:53 games.roblox.com udp
US 8.8.8.8:53 followings.roblox.com udp
US 8.8.8.8:53 voice.roblox.com udp
US 8.8.8.8:53 badges.roblox.com udp
US 8.8.8.8:53 sin2-128-116-97-3.roblox.com udp
US 8.8.8.8:53 gold.roblox.com udp
US 8.8.8.8:53 lax2-128-116-116-3.roblox.com udp
US 8.8.8.8:53 lax4-128-116-63-3.roblox.com udp
US 8.8.8.8:53 dfw2-128-116-95-3.roblox.com udp
US 8.8.8.8:53 c0ak.rbxcdn.com udp
US 8.8.8.8:53 c0.rbxcdn.com udp
US 128.116.95.3:443 dfw2-128-116-95-3.roblox.com tcp
US 128.116.63.3:443 lax4-128-116-63-3.roblox.com tcp
US 128.116.116.3:443 lax2-128-116-116-3.roblox.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
DE 128.116.44.3:443 gold.roblox.com tcp
GB 2.18.190.80:443 c0ak.rbxcdn.com tcp
GB 108.156.46.103:443 c0.rbxcdn.com tcp
SG 128.116.97.3:443 sin2-128-116-97-3.roblox.com tcp
US 8.8.8.8:53 80.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 3.44.116.128.in-addr.arpa udp
US 8.8.8.8:53 103.46.156.108.in-addr.arpa udp
US 8.8.8.8:53 3.95.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.116.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.63.116.128.in-addr.arpa udp
US 8.8.8.8:53 3.97.116.128.in-addr.arpa udp
US 8.8.8.8:53 setup.rbxcdn.com udp
GB 92.123.140.24:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 24.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 ecsv2.roblox.com udp
GB 128.116.119.4:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
GB 18.165.242.74:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
US 8.8.8.8:53 74.242.165.18.in-addr.arpa udp
GB 13.224.245.123:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:58277 tcp
N/A 127.0.0.1:58281 tcp
N/A 127.0.0.1:58296 tcp
US 8.8.8.8:53 123.245.224.13.in-addr.arpa udp
GB 13.224.245.123:443 setup.rbxcdn.com tcp
GB 13.224.245.123:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 36.242.123.52.in-addr.arpa udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 23.102.129.60:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 60.129.102.23.in-addr.arpa udp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
GB 92.123.143.227:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 227.143.123.92.in-addr.arpa udp
GB 88.221.135.25:443 www.bing.com tcp
GB 88.221.135.25:443 www.bing.com tcp
US 8.8.8.8:53 25.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
GB 95.101.143.202:443 th.bing.com tcp
GB 95.101.143.202:443 th.bing.com tcp
GB 88.221.135.35:443 th.bing.com tcp
GB 88.221.135.35:443 th.bing.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 20.190.159.75:443 login.microsoftonline.com tcp
US 8.8.8.8:53 202.143.101.95.in-addr.arpa udp
US 8.8.8.8:53 35.135.221.88.in-addr.arpa udp
IE 20.190.159.75:443 login.microsoftonline.com tcp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 8.8.8.8:53 80.5.107.13.in-addr.arpa udp
US 8.8.8.8:53 unity3d.com udp
GB 104.124.180.239:443 unity3d.com tcp
GB 104.124.180.239:443 unity3d.com tcp
US 8.8.8.8:53 unity.com udp
GB 2.19.117.9:443 unity.com tcp
US 8.8.8.8:53 cdn.cookielaw.org udp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 8.8.8.8:53 71.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 75.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 9.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 239.180.124.104.in-addr.arpa udp
US 8.8.8.8:53 42.87.18.104.in-addr.arpa udp
US 8.8.8.8:53 o488710.ingest.sentry.io udp
US 104.18.33.89:443 www2.bing.com tcp
US 34.120.195.249:443 o488710.ingest.sentry.io tcp
US 104.18.33.89:443 www2.bing.com tcp
US 8.8.8.8:53 api.unity.com udp
US 104.18.33.89:443 www2.bing.com tcp
US 104.18.87.42:443 cdn.cookielaw.org tcp
BE 35.205.92.229:443 api.unity.com tcp
US 8.8.8.8:53 249.195.120.34.in-addr.arpa udp
US 8.8.8.8:53 89.33.18.104.in-addr.arpa udp
US 8.8.8.8:53 168.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 229.92.205.35.in-addr.arpa udp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 104.18.29.127:443 geolocation.onetrust.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 8.8.8.8:53 public-cdn.cloud.unity3d.com udp
GB 92.123.140.43:443 public-cdn.cloud.unity3d.com tcp
GB 92.123.140.43:443 public-cdn.cloud.unity3d.com tcp
US 8.8.8.8:53 127.29.18.104.in-addr.arpa udp
US 8.8.8.8:53 43.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 client-telemetry.roblox.com udp
GB 128.116.119.4:443 client-telemetry.roblox.com tcp
N/A 127.0.0.1:57742 tcp
US 34.120.195.249:443 o488710.ingest.sentry.io udp
N/A 127.0.0.1:57922 tcp
GB 128.116.119.4:443 client-telemetry.roblox.com tcp
GB 128.116.119.4:443 client-telemetry.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
GB 23.49.171.19:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 setup.rbxcdn.com udp
GB 13.224.245.39:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 19.171.49.23.in-addr.arpa udp
N/A 127.0.0.1:57925 tcp
N/A 127.0.0.1:57928 tcp
N/A 127.0.0.1:57951 tcp
US 8.8.8.8:53 39.245.224.13.in-addr.arpa udp
US 8.8.8.8:53 224.162.46.104.in-addr.arpa udp
US 8.8.8.8:53 privacyportal-eu.onetrust.com udp
US 104.18.28.127:443 privacyportal-eu.onetrust.com tcp
US 8.8.8.8:53 127.28.18.104.in-addr.arpa udp
GB 88.221.135.33:443 www.bing.com tcp
US 8.8.8.8:53 33.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 88.221.135.27:443 r.bing.com tcp
GB 88.221.135.27:443 r.bing.com tcp
GB 88.221.135.27:443 r.bing.com tcp
GB 88.221.135.27:443 r.bing.com tcp
US 8.8.8.8:53 27.135.221.88.in-addr.arpa udp
IE 20.190.159.75:443 login.microsoftonline.com tcp
US 8.8.8.8:53 services.bingapis.com udp
US 13.107.5.80:443 services.bingapis.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 8.8.8.8:53 godot-engine.en.softonic.com udp
US 151.101.193.91:443 godot-engine.en.softonic.com tcp
US 151.101.193.91:443 godot-engine.en.softonic.com tcp
US 151.101.193.91:443 godot-engine.en.softonic.com udp
US 8.8.8.8:53 91.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 images.sftcdn.net udp
US 8.8.8.8:53 sc.sftcdn.net udp
US 8.8.8.8:53 softonic.com udp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 www.clarity.ms udp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 151.101.1.91:443 sc.sftcdn.net tcp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 199.232.209.91:443 softonic.com tcp
US 199.232.209.91:443 softonic.com tcp
FR 172.217.20.196:443 www.google.com tcp
FR 172.217.20.162:443 securepubads.g.doubleclick.net tcp
US 204.79.197.237:443 bat.bing.com tcp
US 13.107.246.64:443 www.clarity.ms tcp
CZ 65.9.95.124:443 sdk.privacy-center.org tcp
FR 172.217.20.162:443 securepubads.g.doubleclick.net tcp
CZ 65.9.98.75:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 syndicatedsearch.goog udp
US 151.101.1.91:443 sc.sftcdn.net udp
FR 142.250.74.238:443 syndicatedsearch.goog tcp
FR 172.217.20.162:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 91.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 91.209.232.199.in-addr.arpa udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 196.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 162.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 124.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 75.98.9.65.in-addr.arpa udp
US 8.8.8.8:53 238.74.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.datadoghq-browser-agent.com udp
CZ 65.9.97.224:443 www.datadoghq-browser-agent.com tcp
CZ 65.9.98.75:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 btloader.com udp
US 104.22.75.216:443 btloader.com tcp
US 8.8.8.8:53 storage.googleapis.com udp
US 8.8.8.8:53 h.clarity.ms udp
US 8.8.8.8:53 di-images.sftcdn.net udp
FR 142.250.75.251:443 storage.googleapis.com tcp
US 51.8.64.151:443 h.clarity.ms tcp
US 8.8.8.8:53 ad-delivery.net udp
US 104.26.3.70:443 ad-delivery.net tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
CZ 65.9.95.3:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 cdn.btmessage.com udp
US 8.8.8.8:53 api.btloader.com udp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 172.67.74.232:443 cdn.btmessage.com tcp
US 8.8.8.8:53 224.97.9.65.in-addr.arpa udp
US 8.8.8.8:53 216.75.22.104.in-addr.arpa udp
US 8.8.8.8:53 151.64.8.51.in-addr.arpa udp
US 8.8.8.8:53 251.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 34.215.58.216.in-addr.arpa udp
US 8.8.8.8:53 70.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 70.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 104.22.53.86:443 cdn.id5-sync.com tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 8.8.8.8:53 api.btmessage.com udp
US 104.22.53.86:443 cdn.id5-sync.com tcp
US 8.8.8.8:53 c.clarity.ms udp
US 8.8.8.8:53 notix.io udp
US 151.101.1.91:443 di-images.sftcdn.net udp
IE 13.74.129.1:443 c.clarity.ms tcp
NL 139.45.197.227:443 notix.io tcp
US 8.8.8.8:53 3.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 232.74.67.172.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 86.53.22.104.in-addr.arpa udp
US 8.8.8.8:53 1.129.74.13.in-addr.arpa udp
US 8.8.8.8:53 227.197.45.139.in-addr.arpa udp
US 8.8.8.8:53 api.privacy-center.org udp
CZ 65.9.95.13:443 api.privacy-center.org tcp
FR 142.250.74.238:443 syndicatedsearch.goog udp
US 8.8.8.8:53 74c81aa847c981d14f6dfe3b5510ac1c.safeframe.googlesyndication.com udp
FR 172.217.20.196:443 www.google.com udp
FR 172.217.20.193:443 74c81aa847c981d14f6dfe3b5510ac1c.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 shb.richaudience.com udp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 brightcombid.marphezis.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 c.bing.com udp
US 8.8.8.8:53 id.crwdcntrl.net udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 partner.googleadservices.com udp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
DE 162.19.138.120:443 id5-sync.com tcp
US 172.64.151.101:443 htlb.casalemedia.com tcp
US 34.120.63.153:443 prebid.media.net tcp
IE 52.208.32.107:443 ap.lijit.com tcp
IE 54.194.128.31:443 ad.360yield.com tcp
US 151.101.193.229:443 cdn.jsdelivr.net tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
IE 52.215.64.44:443 id.crwdcntrl.net tcp
DE 37.252.171.52:443 ib.adnxs.com tcp
NL 185.64.189.112:443 hbopenbid.pubmatic.com tcp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
FR 142.250.179.98:443 partner.googleadservices.com tcp
CZ 65.9.9.197:443 aax.amazon-adsystem.com tcp
FR 172.217.20.194:443 googleads.g.doubleclick.net tcp
FR 172.217.20.194:443 googleads.g.doubleclick.net tcp
US 172.64.152.89:443 cdn-ima.33across.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
FR 172.217.20.194:443 googleads.g.doubleclick.net tcp
CZ 65.9.95.74:443 tags.crwdcntrl.net tcp
US 8.8.8.8:53 apps.identrust.com udp
FR 142.250.179.65:443 tpc.googlesyndication.com tcp
FR 142.250.179.98:443 partner.googleadservices.com tcp
CZ 65.9.95.74:443 tags.crwdcntrl.net tcp
GB 88.221.135.104:80 apps.identrust.com tcp
US 8.8.8.8:53 analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 gum.criteo.com udp
BE 74.125.71.155:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
FR 216.58.214.174:443 analytics.google.com tcp
US 8.8.8.8:53 ampcid.google.com udp
FR 142.250.179.65:443 tpc.googlesyndication.com udp
FR 172.217.20.196:443 www.google.com udp
US 8.8.8.8:53 lexicon.33across.com udp
NL 178.250.1.11:443 gum.criteo.com tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
FR 172.217.20.174:443 ampcid.google.com tcp
US 35.244.193.51:443 lexicon.33across.com tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 13.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 193.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 101.151.64.172.in-addr.arpa udp
US 8.8.8.8:53 153.63.120.34.in-addr.arpa udp
US 8.8.8.8:53 120.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 107.32.208.52.in-addr.arpa udp
US 8.8.8.8:53 31.128.194.54.in-addr.arpa udp
US 8.8.8.8:53 229.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 151.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 112.189.64.185.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 175.203.166.188.in-addr.arpa udp
US 8.8.8.8:53 44.64.215.52.in-addr.arpa udp
US 8.8.8.8:53 52.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 79.241.63.178.in-addr.arpa udp
US 8.8.8.8:53 89.152.64.172.in-addr.arpa udp
US 8.8.8.8:53 194.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 238.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 74.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 65.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 98.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 155.71.125.74.in-addr.arpa udp
US 8.8.8.8:53 104.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 174.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 174.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 51.193.244.35.in-addr.arpa udp
BE 74.125.71.155:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 dnacdn.net udp
US 8.8.8.8:53 ag.gbc.criteo.com udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
FR 185.235.86.21:443 ag.gbc.criteo.com tcp
FR 185.235.86.64:443 gem.gbc.criteo.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
FR 185.235.86.21:443 ag.gbc.criteo.com tcp
FR 185.235.86.64:443 gem.gbc.criteo.com tcp
US 34.120.63.153:443 prebid.media.net udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
IE 67.220.228.201:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 116.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 227.74.250.142.in-addr.arpa udp
US 8.8.8.8:53 201.228.220.67.in-addr.arpa udp
US 8.8.8.8:53 234.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 67.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 sync.richaudience.com udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 151.101.129.108:443 acdn.adnxs.com tcp
GB 2.18.108.192:443 ads.pubmatic.com tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
US 172.64.149.180:443 js-sec.indexww.com tcp
GB 95.100.244.20:443 contextual.media.net tcp
DE 162.55.233.29:443 sync.richaudience.com tcp
US 8.8.8.8:53 cacerts.rapidssl.com udp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 ssc-cms.33across.com udp
DE 51.75.86.98:443 onetag-sys.com tcp
US 67.202.105.21:443 ssc-cms.33across.com tcp
US 8.8.8.8:53 player.aniview.com udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
GB 92.123.140.19:443 player.aniview.com tcp
US 18.233.214.218:443 cs-server-s2s.yellowblue.io tcp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 bc-sync.com udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 api-2-0.spot.im udp
FR 91.134.110.133:443 ssbsync.smartadserver.com tcp
US 8.2.108.175:443 bc-sync.com tcp
US 8.8.8.8:53 match.prod.bidr.io udp
US 54.227.210.51:443 api-2-0.spot.im tcp
US 8.8.8.8:53 match.adsrvr.org udp
NL 178.250.1.9:443 dis.criteo.com tcp
US 8.8.8.8:53 image8.pubmatic.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
US 52.223.40.198:443 match.adsrvr.org tcp
GB 185.64.191.214:443 image8.pubmatic.com tcp
IE 52.215.113.33:443 match.prod.bidr.io tcp
US 8.8.8.8:53 cdn.indexww.com udp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.8.8.8:53 rtb.mfadsrvr.com udp
US 8.8.8.8:53 sync.mathtag.com udp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
US 8.8.8.8:53 ads.stickyadstv.com udp
US 8.8.8.8:53 pixel.rubiconproject.com udp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 t.adx.opera.com udp
DE 51.75.86.98:443 onetag-sys.com udp
US 8.8.8.8:53 ssbsync-global.smartadserver.com udp
GB 185.64.191.214:443 image8.pubmatic.com tcp
US 8.8.8.8:53 spl.zeotap.com udp
US 8.8.8.8:53 108.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 192.108.18.2.in-addr.arpa udp
US 8.8.8.8:53 180.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 153.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 20.244.100.95.in-addr.arpa udp
US 8.8.8.8:53 29.233.55.162.in-addr.arpa udp
US 8.8.8.8:53 98.86.75.51.in-addr.arpa udp
US 8.8.8.8:53 21.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 19.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 218.214.233.18.in-addr.arpa udp
US 8.8.8.8:53 133.110.134.91.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 198.40.223.52.in-addr.arpa udp
US 8.8.8.8:53 214.191.64.185.in-addr.arpa udp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
US 8.8.8.8:53 sync.aniview.com udp
US 74.121.140.211:443 sync.mathtag.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
US 80.77.87.166:443 cs.admanmedia.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 69.173.156.149:443 pixel.rubiconproject.com tcp
NL 154.57.158.116:443 ads.stickyadstv.com tcp
US 104.22.50.98:443 spl.zeotap.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 jadserve.postrelease.com udp
US 52.54.28.112:443 sync.srv.stackadapt.com tcp
IE 108.128.166.156:443 jadserve.postrelease.com tcp
US 8.8.8.8:53 tracker.open-adsyield.com udp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
US 8.8.8.8:53 s.ad.smaato.net udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 id.rlcdn.com udp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 172.111.38.86:443 tracker.open-adsyield.com tcp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 bttrack.com udp
GB 108.156.39.117:443 s.ad.smaato.net tcp
US 35.244.174.68:443 id.rlcdn.com tcp
FR 142.250.75.226:443 cm.g.doubleclick.net tcp
US 192.132.33.68:443 bttrack.com tcp
FR 142.250.75.226:443 cm.g.doubleclick.net tcp
US 8.8.8.8:53 s.amazon-adsystem.com udp
US 52.46.130.91:443 s.amazon-adsystem.com tcp
FR 142.250.75.226:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
FR 216.58.214.174:443 analytics.google.com udp
GB 2.22.101.110:443 secure-assets.rubiconproject.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 175.108.2.8.in-addr.arpa udp
US 8.8.8.8:53 33.113.215.52.in-addr.arpa udp
US 8.8.8.8:53 51.210.227.54.in-addr.arpa udp
US 8.8.8.8:53 91.149.214.35.in-addr.arpa udp
US 8.8.8.8:53 88.199.214.35.in-addr.arpa udp
US 8.8.8.8:53 8.213.145.82.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 116.158.57.154.in-addr.arpa udp
US 8.8.8.8:53 98.50.22.104.in-addr.arpa udp
US 8.8.8.8:53 166.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 211.140.121.74.in-addr.arpa udp
US 8.8.8.8:53 78.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 156.166.128.108.in-addr.arpa udp
US 8.8.8.8:53 112.28.54.52.in-addr.arpa udp
US 8.8.8.8:53 117.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 137.110.134.91.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 226.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 86.38.111.172.in-addr.arpa udp
US 8.8.8.8:53 68.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 91.130.46.52.in-addr.arpa udp
US 8.8.8.8:53 233.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 110.101.22.2.in-addr.arpa udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
US 8.8.8.8:53 251.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 token.rubiconproject.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 199.232.209.91:443 softonic.com udp
US 172.67.74.232:443 api.btmessage.com tcp
FR 172.217.20.162:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 connect.facebook.net udp
GB 157.240.221.16:443 connect.facebook.net tcp
US 8.8.8.8:53 csm.nl3.eu.criteo.net udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
US 8.8.8.8:53 d403f1b052b0a416036991c5a001800b.safeframe.googlesyndication.com udp
FR 172.217.20.194:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 16.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 25.1.250.178.in-addr.arpa udp
US 130.211.23.194:443 api.btloader.com udp
GB 157.240.221.35:443 www.facebook.com tcp
GB 157.240.221.35:443 www.facebook.com tcp
NL 139.45.197.227:443 notix.io tcp
US 8.8.8.8:53 35.221.240.157.in-addr.arpa udp
US 8.8.8.8:53 en.softonic.com udp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 wct.softonic.com udp
US 172.67.74.173:443 wct.softonic.com tcp
US 8.8.8.8:53 adbec3ef9da4977246658d2680b944de.safeframe.googlesyndication.com udp
GB 18.245.143.101:443 js.adscale.de tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 172.67.74.173:443 wct.softonic.com tcp
US 8.8.8.8:53 prs.sftcdn.net udp
US 8.8.8.8:53 articles-img.sftcdn.net udp
US 35.244.193.51:443 lexicon.33across.com udp
US 8.8.8.8:53 ih.adscale.de udp
DE 18.197.64.137:443 ih.adscale.de tcp
NL 178.250.1.11:443 dnacdn.net tcp
FR 185.235.86.21:443 ag.gbc.criteo.com tcp
FR 185.235.86.64:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 push-sdk.com udp
DE 157.90.33.122:443 push-sdk.com tcp
US 8.8.8.8:53 173.74.67.172.in-addr.arpa udp
US 8.8.8.8:53 101.143.245.18.in-addr.arpa udp
US 8.8.8.8:53 137.64.197.18.in-addr.arpa udp
US 8.8.8.8:53 122.33.90.157.in-addr.arpa udp
US 8.8.8.8:53 uidsync.net udp
DE 157.90.33.72:443 uidsync.net tcp
NL 139.45.197.227:443 notix.io tcp
DE 157.90.33.72:443 uidsync.net tcp
US 8.8.8.8:53 72.33.90.157.in-addr.arpa udp
US 8.8.8.8:53 22.177.190.20.in-addr.arpa udp
US 8.8.8.8:53 gsf-fl.softonic.com udp
US 199.232.198.133:443 gsf-fl.softonic.com tcp
US 67.202.105.21:443 ssc-cms.33across.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 8.2.108.175:443 bc-sync.com tcp
IE 52.215.113.33:443 match.prod.bidr.io tcp
US 52.54.28.112:443 sync.srv.stackadapt.com tcp
US 35.244.174.68:443 id.rlcdn.com udp
NL 35.214.199.88:443 rtb.mfadsrvr.com udp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 sync-tm.everesttech.net udp
US 151.101.2.49:443 sync-tm.everesttech.net tcp
US 8.8.8.8:53 match.sharethrough.com udp
DE 18.197.30.174:443 match.sharethrough.com tcp
US 8.8.8.8:53 133.198.232.199.in-addr.arpa udp
US 8.8.8.8:53 49.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 174.30.197.18.in-addr.arpa udp
FR 185.235.86.76:443 gem.gbc.criteo.com tcp
FR 185.235.86.0:443 ag.gbc.criteo.com tcp
FR 185.235.86.0:443 ag.gbc.criteo.com tcp
FR 185.235.86.76:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 roblox.en.softonic.com udp
US 8.8.8.8:53 267f1d0a575c34197760b64c39197443.safeframe.googlesyndication.com udp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
DE 37.252.171.52:443 secure.adnxs.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
FR 185.235.86.21:443 ag.gbc.criteo.com tcp
FR 185.235.86.64:443 gem.gbc.criteo.com tcp
NL 139.45.197.227:443 notix.io tcp
CZ 65.9.9.197:443 aax.amazon-adsystem.com tcp
US 8.8.8.8:53 c5c4710329fbb60adff39b863dc2024f.safeframe.googlesyndication.com udp
FR 185.235.86.76:443 gem.gbc.criteo.com tcp
FR 185.235.86.0:443 ag.gbc.criteo.com tcp
US 199.232.209.91:443 softonic.com udp
US 8.8.8.8:53 leap.ldplayer.gg udp
GB 163.181.57.238:443 leap.ldplayer.gg tcp
FR 172.217.20.162:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 www.ldplayer.net udp
GB 163.181.57.235:443 www.ldplayer.net tcp
US 8.8.8.8:53 238.57.181.163.in-addr.arpa udp
US 8.8.8.8:53 235.57.181.163.in-addr.arpa udp
US 8.8.8.8:53 cdn.ldplayer.net udp
US 8.8.8.8:53 play-lh.googleusercontent.com udp
US 8.8.8.8:53 cmp.setupcmp.com udp
US 172.67.70.36:443 cmp.setupcmp.com tcp
FR 216.58.214.182:443 play-lh.googleusercontent.com tcp
FR 216.58.214.182:443 play-lh.googleusercontent.com udp
US 8.8.8.8:53 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 stpd.cloud udp
US 172.67.70.36:443 cmp.setupcmp.com tcp
US 8.8.8.8:53 182.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 7ee55112c2fb25d64942204547744b15.safeframe.googlesyndication.com udp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 apis.google.com udp
FR 142.250.179.78:443 apis.google.com tcp
US 8.8.8.8:53 apien.ldplayer.net udp
US 8.8.8.8:53 invite.ldplayer.net udp
US 104.18.31.49:443 stpd.cloud tcp
US 8.8.8.8:53 usersdk.ldmnq.com udp
US 8.8.8.8:53 api.ldshop.gg udp
FR 142.250.179.78:443 apis.google.com udp
CZ 65.9.95.107:443 apien.ldplayer.net tcp
SG 47.245.114.192:443 invite.ldplayer.net tcp
SG 8.219.223.66:443 usersdk.ldmnq.com tcp
SG 8.222.160.10:443 api.ldshop.gg tcp
US 8.8.8.8:53 78.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 49.31.18.104.in-addr.arpa udp
CZ 65.9.95.107:443 apien.ldplayer.net tcp
SG 47.245.114.192:443 invite.ldplayer.net tcp
SG 8.219.223.66:443 usersdk.ldmnq.com tcp
SG 8.222.160.10:443 api.ldshop.gg tcp
US 8.8.8.8:53 www.googletagservices.com udp
FR 142.250.179.98:443 www.googletagservices.com tcp
FR 142.250.179.98:443 www.googletagservices.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 108.177.127.84:443 accounts.google.com tcp
US 8.8.8.8:53 oss.ld-space.com udp
US 8.8.8.8:53 107.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 66.223.219.8.in-addr.arpa udp
US 8.8.8.8:53 192.114.245.47.in-addr.arpa udp
US 8.8.8.8:53 10.160.222.8.in-addr.arpa udp
US 8.8.8.8:53 84.127.177.108.in-addr.arpa udp
US 8.8.8.8:53 tagan.adlightning.com udp
US 151.101.193.229:443 cdn.jsdelivr.net udp
CZ 65.9.95.20:443 tagan.adlightning.com tcp
US 8.8.8.8:53 10055e4a5a65639442ae67aa75ac910e.safeframe.googlesyndication.com udp
CZ 65.9.95.20:443 tagan.adlightning.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 8.8.8.8:53 prebid-stag.setupad.net udp
US 8.8.8.8:53 bidder.criteo.com udp
US 8.8.8.8:53 prg.smartadserver.com udp
US 8.8.8.8:53 rtb.openx.net udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 8.8.8.8:53 prebid-eu.creativecdn.com udp
US 8.8.8.8:53 rtb.adxpremium.services udp
US 8.8.8.8:53 adx.adform.net udp
NL 108.177.127.84:443 accounts.google.com udp
NL 185.184.8.90:443 prebid-eu.creativecdn.com tcp
US 35.186.253.211:443 rtb.openx.net tcp
DK 37.157.3.20:443 adx.adform.net tcp
NL 185.106.140.18:443 rtb.adxpremium.services tcp
FR 91.134.110.128:443 prg.smartadserver.com tcp
US 172.67.68.162:443 prebid-stag.setupad.net tcp
US 172.67.68.162:443 prebid-stag.setupad.net tcp
NL 147.75.81.235:443 prebid.a-mo.net tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 35.186.253.211:443 rtb.openx.net tcp
FR 91.134.110.128:443 prg.smartadserver.com tcp
NL 185.184.8.90:443 prebid-eu.creativecdn.com tcp
NL 185.106.140.18:443 rtb.adxpremium.services tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 8.8.8.8:53 20.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 20.3.157.37.in-addr.arpa udp
US 8.8.8.8:53 162.68.67.172.in-addr.arpa udp
US 8.8.8.8:53 235.81.75.147.in-addr.arpa udp
US 8.8.8.8:53 8.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 211.253.186.35.in-addr.arpa udp
US 8.8.8.8:53 128.110.134.91.in-addr.arpa udp
US 8.8.8.8:53 18.140.106.185.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
FR 185.235.86.20:443 ag.gbc.criteo.com tcp
FR 185.235.86.67:443 gem.gbc.criteo.com tcp
GB 163.181.57.236:443 oss.ld-space.com tcp
US 8.8.8.8:53 u.openx.net udp
US 35.244.159.8:443 u.openx.net tcp
FR 185.235.86.67:443 gem.gbc.criteo.com tcp
FR 185.235.86.20:443 ag.gbc.criteo.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 35.244.159.8:443 u.openx.net udp
US 67.202.105.21:443 ssc-cms.33across.com tcp
FR 91.134.110.133:443 ssbsync-global.smartadserver.com tcp
US 8.8.8.8:53 236.57.181.163.in-addr.arpa udp
US 8.8.8.8:53 8.159.244.35.in-addr.arpa udp
US 8.8.8.8:53 130.178.250.142.in-addr.arpa udp
DK 37.157.6.233:443 cm.adform.net tcp
DE 157.90.33.122:443 uidsync.net tcp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
DE 18.197.30.174:443 match.sharethrough.com tcp
US 8.2.108.175:443 bc-sync.com tcp
DE 157.90.33.72:443 uidsync.net tcp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
DE 18.197.30.174:443 match.sharethrough.com tcp
DE 157.90.33.72:443 uidsync.net tcp
NL 178.250.1.3:443 static.criteo.net tcp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 233.6.157.37.in-addr.arpa udp
IE 52.215.113.33:443 match.prod.bidr.io tcp
US 52.54.28.112:443 sync.srv.stackadapt.com tcp
US 35.244.174.68:443 id.rlcdn.com udp
US 172.111.38.86:443 tracker.open-adsyield.com tcp
US 192.132.33.68:443 bttrack.com tcp
NL 139.45.197.227:443 notix.io tcp
NL 139.45.197.227:443 notix.io tcp
FR 185.235.86.76:443 gem.gbc.criteo.com tcp
FR 185.235.86.0:443 ag.gbc.criteo.com tcp
US 51.8.64.151:443 h.clarity.ms tcp
US 8.8.8.8:53 cd.connatix.com udp
US 104.18.6.198:443 cd.connatix.com tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 cds.connatix.com udp
US 8.8.8.8:53 capi.connatix.com udp
US 8.8.8.8:53 ins.connatix.com udp
US 8.8.8.8:53 vid.connatix.com udp
US 8.8.8.8:53 lit.connatix.com udp
US 8.8.8.8:53 imasdk.googleapis.com udp
US 8.8.8.8:53 img.connatix.com udp
FR 142.250.179.106:443 imasdk.googleapis.com tcp
US 8.8.8.8:53 106.179.250.142.in-addr.arpa udp
FR 142.250.179.106:443 imasdk.googleapis.com udp
FR 185.235.86.67:443 gem.gbc.criteo.com tcp
FR 185.235.86.20:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 s0.2mdn.net udp
FR 142.250.179.70:443 s0.2mdn.net tcp
FR 91.134.110.133:443 ssbsync-global.smartadserver.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 8.8.8.8:53 70.179.250.142.in-addr.arpa udp
US 67.202.105.21:443 ssc-cms.33across.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 8.2.108.175:443 bc-sync.com tcp
IE 52.215.113.33:443 match.prod.bidr.io tcp
US 52.54.28.112:443 sync.srv.stackadapt.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 8.2.108.175:443 bc-sync.com tcp
IE 52.215.113.33:443 match.prod.bidr.io tcp
US 52.54.28.112:443 sync.srv.stackadapt.com tcp
FR 142.250.201.162:443 pubads.g.doubleclick.net tcp
US 8.8.8.8:53 c1.adform.net udp
US 8.8.8.8:53 csync.loopme.me udp
DE 18.197.30.174:443 match.sharethrough.com tcp
DE 18.197.30.174:443 match.sharethrough.com tcp
US 8.8.8.8:53 162.201.250.142.in-addr.arpa udp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
NL 178.250.1.11:443 dnacdn.net tcp
NL 35.214.169.107:443 csync.loopme.me tcp
US 8.8.8.8:53 107.169.214.35.in-addr.arpa udp
FR 142.250.201.162:443 pubads.g.doubleclick.net tcp
FR 142.250.201.162:443 pubads.g.doubleclick.net tcp
US 8.8.8.8:53 csi.gstatic.com udp
FR 142.250.201.162:443 pubads.g.doubleclick.net udp
US 209.85.145.120:443 csi.gstatic.com tcp
US 209.85.145.120:443 csi.gstatic.com tcp
US 172.67.74.173:443 wct.softonic.com tcp
US 209.85.145.120:443 csi.gstatic.com tcp
US 8.8.8.8:53 120.145.85.209.in-addr.arpa udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 www.google.com udp
US 209.85.145.120:443 csi.gstatic.com tcp
US 209.85.145.120:443 csi.gstatic.com udp
FR 185.235.86.1:443 ag.gbc.criteo.com tcp
FR 185.235.86.72:443 gem.gbc.criteo.com tcp
FR 185.235.86.1:443 ag.gbc.criteo.com tcp
FR 185.235.86.72:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 en.softonic.com udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 172.67.74.232:443 api.btmessage.com tcp
US 8.8.8.8:53 sc.sftcdn.net udp
US 199.232.209.91:443 softonic.com udp
US 8.8.8.8:53 images.sftcdn.net udp
CZ 65.9.98.75:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 secure.cdn.fastclick.net udp
US 8.8.8.8:53 cdn.hadronid.net udp
FR 185.235.86.20:443 ag.gbc.criteo.com tcp
FR 185.235.86.67:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 h.clarity.ms udp
US 51.8.64.151:443 h.clarity.ms tcp
US 51.8.64.151:443 h.clarity.ms tcp
GB 23.49.161.153:443 secure.cdn.fastclick.net tcp
GB 23.49.161.153:443 secure.cdn.fastclick.net tcp
US 104.22.52.173:443 cdn.hadronid.net tcp
GB 23.49.161.153:443 secure.cdn.fastclick.net tcp
US 104.22.52.173:443 cdn.hadronid.net tcp
GB 23.49.161.153:443 secure.cdn.fastclick.net tcp
US 8.8.8.8:53 153.161.49.23.in-addr.arpa udp
US 8.8.8.8:53 173.52.22.104.in-addr.arpa udp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 172.67.23.234:443 id.hadron.ad.gt tcp
US 8.8.8.8:53 234.23.67.172.in-addr.arpa udp
FR 185.235.86.1:443 ag.gbc.criteo.com tcp
FR 185.235.86.72:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 a.ad.gt udp
NL 63.215.202.146:443 proc.ad.cpe.dotomi.com tcp
NL 63.215.202.146:443 proc.ad.cpe.dotomi.com tcp
US 8.8.8.8:53 146.202.215.63.in-addr.arpa udp
NL 178.250.1.11:443 dnacdn.net tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
IE 34.246.85.224:443 bcp.crwdcntrl.net tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
FR 91.134.110.128:443 prg.smartadserver.com tcp
US 35.186.253.211:443 rtb.openx.net udp
NL 178.250.1.11:443 dnacdn.net tcp
US 104.22.4.69:443 a.ad.gt tcp
US 8.8.8.8:53 224.85.246.34.in-addr.arpa udp
NL 108.177.127.84:443 accounts.google.com udp
FR 172.217.20.196:443 www.google.com udp
US 8.8.8.8:53 69.4.22.104.in-addr.arpa udp
FR 142.250.75.251:443 storage.googleapis.com udp
US 8.8.8.8:53 829ccc42de3b7be9943b6470c5b5cd65.safeframe.googlesyndication.com udp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 8.8.8.8:53 node.setupad.com udp
DE 159.89.25.223:443 node.setupad.com tcp
US 8.8.8.8:53 cdn.ampproject.org udp
FR 172.217.18.193:443 cdn.ampproject.org tcp
FR 172.217.18.193:443 cdn.ampproject.org tcp
FR 172.217.18.193:443 cdn.ampproject.org tcp
FR 172.217.18.193:443 cdn.ampproject.org tcp
FR 172.217.18.193:443 cdn.ampproject.org tcp
FR 142.250.179.65:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 223.25.89.159.in-addr.arpa udp
FR 185.235.86.64:443 gem.gbc.criteo.com tcp
FR 185.235.86.21:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 setupad-d.openx.net udp
US 8.8.8.8:53 adxbid.info udp
US 8.8.8.8:53 bh.contextweb.com udp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 sync.a-mo.net udp
NL 46.228.174.117:443 sync.1rx.io tcp
US 35.244.159.8:443 setupad-d.openx.net udp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
US 172.67.138.13:443 adxbid.info tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
NL 147.75.34.177:443 sync.a-mo.net tcp
US 8.8.8.8:53 eb2.3lift.com udp
US 8.8.8.8:53 assets.a-mo.net udp
US 13.248.245.213:443 eb2.3lift.com tcp
US 104.19.158.19:443 assets.a-mo.net tcp
US 8.8.8.8:53 id.a-mx.com udp
DE 37.252.171.52:443 secure.adnxs.com tcp
US 8.8.8.8:53 13.138.67.172.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 177.34.75.147.in-addr.arpa udp
US 8.8.8.8:53 213.245.248.13.in-addr.arpa udp
US 8.8.8.8:53 19.158.19.104.in-addr.arpa udp
US 8.8.8.8:53 as.ck-ie.com udp
US 8.2.110.113:443 as.ck-ie.com tcp
NL 79.127.227.46:443 id.a-mx.com tcp
US 8.8.8.8:53 vid.vidoomy.com udp
GB 89.187.167.38:443 vid.vidoomy.com tcp
US 8.8.8.8:53 ssum.casalemedia.com udp
FR 185.235.86.3:443 ag.gbc.criteo.com tcp
FR 185.235.86.57:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 46.227.127.79.in-addr.arpa udp
US 8.8.8.8:53 113.110.2.8.in-addr.arpa udp
US 8.8.8.8:53 38.167.187.89.in-addr.arpa udp
US 8.8.8.8:53 vpaid.vidoomy.com udp
US 8.8.8.8:53 prebid.adnxs.com udp
US 8.8.8.8:53 ow.pubmatic.com udp
US 8.8.8.8:53 user-sync.adxpremium.services udp
FR 185.235.86.57:443 gem.gbc.criteo.com tcp
FR 185.235.86.3:443 ag.gbc.criteo.com tcp
GB 89.187.167.39:443 vpaid.vidoomy.com tcp
US 209.192.201.180:443 user-sync.adxpremium.services tcp
GB 185.64.190.84:443 ow.pubmatic.com tcp
NL 185.89.208.11:443 prebid.adnxs.com tcp
DE 79.127.216.47:443 id.a-mx.com tcp
GB 89.187.167.39:443 vpaid.vidoomy.com tcp
US 8.8.8.8:53 image8.pubmatic.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 a.vidoomy.com udp
ES 212.36.83.246:443 a.vidoomy.com tcp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 84.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 11.208.89.185.in-addr.arpa udp
US 8.8.8.8:53 47.216.127.79.in-addr.arpa udp
US 8.8.8.8:53 180.201.192.209.in-addr.arpa udp
US 8.8.8.8:53 39.167.187.89.in-addr.arpa udp
US 8.8.8.8:53 246.83.36.212.in-addr.arpa udp
US 8.8.8.8:53 cdn.ldplayer.net udp
GB 163.181.57.235:443 cdn.ldplayer.net tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 8.8.8.8:53 d19mtdoi3rn3ox.cloudfront.net udp
CZ 65.9.94.6:443 d19mtdoi3rn3ox.cloudfront.net tcp
US 8.8.8.8:53 6.94.9.65.in-addr.arpa udp
FR 185.235.86.1:443 ag.gbc.criteo.com tcp
FR 185.235.86.72:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 d1arl2thrafelv.cloudfront.net udp
CZ 65.9.94.209:443 d1arl2thrafelv.cloudfront.net tcp
US 8.8.8.8:53 209.94.9.65.in-addr.arpa udp
CZ 65.9.94.209:443 d1arl2thrafelv.cloudfront.net tcp
US 8.8.8.8:53 encdn.ldmnq.com udp
CZ 65.9.95.96:443 encdn.ldmnq.com tcp
US 8.8.8.8:53 96.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 12.94.9.65.in-addr.arpa udp
US 8.8.8.8:53 120.89.9.65.in-addr.arpa udp
FR 185.235.86.3:443 ag.gbc.criteo.com tcp
FR 185.235.86.57:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 113.216.138.108.in-addr.arpa udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
FR 185.235.86.0:443 ag.gbc.criteo.com tcp
FR 185.235.86.76:443 gem.gbc.criteo.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
FR 185.235.86.71:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 8proof.com udp
FR 185.235.86.24:443 ag.gbc.criteo.com tcp
US 52.116.53.150:443 8proof.com tcp
FR 185.235.86.24:443 ag.gbc.criteo.com tcp
FR 185.235.86.71:443 gem.gbc.criteo.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 52.116.53.150:443 8proof.com tcp
FR 91.134.110.128:443 prg.smartadserver.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
FR 91.134.110.128:443 prg.smartadserver.com tcp
US 8.8.8.8:53 www.ldplayer.net udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 ssp-sync.criteo.com udp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
US 8.8.8.8:53 150.53.116.52.in-addr.arpa udp
US 8.8.8.8:53 7.1.250.178.in-addr.arpa udp
NL 178.250.1.11:443 dnacdn.net tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 8.8.8.8:53 middledata.ldplayer.net udp
SG 8.219.4.49:443 middledata.ldplayer.net tcp
US 8.8.8.8:53 6b48259f4d56533f9ada0f7bad5a56d3.safeframe.googlesyndication.com udp
US 8.8.8.8:53 ident.me udp
US 8.8.8.8:53 49.4.219.8.in-addr.arpa udp
FR 142.250.179.65:443 tpc.googlesyndication.com udp
DE 49.12.234.183:80 ident.me tcp
DE 49.12.234.183:80 ident.me tcp
US 8.8.8.8:53 183.234.12.49.in-addr.arpa udp
FR 185.235.86.57:443 gem.gbc.criteo.com tcp
FR 185.235.86.3:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 ad.360yield.com udp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
DE 37.252.171.52:443 secure.adnxs.com tcp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 35.244.159.8:443 setupad-d.openx.net udp
IE 54.154.214.78:443 ad.360yield.com tcp
US 34.120.63.153:443 prebid.media.net udp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
IE 54.154.214.78:443 ad.360yield.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
US 35.244.159.8:443 setupad-d.openx.net udp
US 8.8.8.8:53 s.company-target.com udp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
DE 37.252.171.52:443 secure.adnxs.com tcp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
NL 79.127.227.46:443 id.a-mx.com tcp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
NL 79.127.227.46:443 id.a-mx.com tcp
US 8.8.8.8:53 78.214.154.54.in-addr.arpa udp
US 34.96.71.22:443 s.company-target.com tcp
US 34.96.71.22:443 s.company-target.com tcp
FR 142.250.75.226:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 22.71.96.34.in-addr.arpa udp
US 8.2.110.113:443 as.ck-ie.com tcp
DE 79.127.216.47:443 id.a-mx.com tcp
US 8.2.110.113:443 as.ck-ie.com tcp
US 209.192.201.180:443 user-sync.adxpremium.services tcp
US 8.8.8.8:53 creativecdn.com udp
US 209.192.201.180:443 user-sync.adxpremium.services tcp
ES 212.36.83.246:443 a.vidoomy.com tcp
ES 212.36.83.246:443 a.vidoomy.com tcp
FR 185.235.86.71:443 gem.gbc.criteo.com tcp
FR 185.235.86.24:443 ag.gbc.criteo.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
FR 185.235.86.20:443 ag.gbc.criteo.com tcp
FR 185.235.86.67:443 gem.gbc.criteo.com tcp
FR 185.235.86.63:443 gem.gbc.criteo.com tcp
FR 185.235.86.7:443 ag.gbc.criteo.com tcp
FR 185.235.86.63:443 gem.gbc.criteo.com tcp
FR 185.235.86.7:443 ag.gbc.criteo.com tcp
FR 185.235.86.21:443 ag.gbc.criteo.com tcp
FR 185.235.86.64:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 h.clarity.ms udp
US 51.8.64.151:443 h.clarity.ms tcp
FR 185.235.86.71:443 gem.gbc.criteo.com tcp
FR 185.235.86.24:443 ag.gbc.criteo.com tcp
FR 185.235.86.63:443 gem.gbc.criteo.com tcp
FR 185.235.86.7:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 13.67.191.143:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 143.191.67.13.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
GB 88.221.135.25:443 th.bing.com tcp
GB 95.101.143.195:443 th.bing.com tcp
GB 88.221.135.25:443 th.bing.com tcp
GB 88.221.135.25:443 th.bing.com tcp
GB 88.221.135.25:443 th.bing.com tcp
GB 88.221.135.25:443 th.bing.com tcp
GB 88.221.135.25:443 th.bing.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
US 8.8.8.8:53 195.143.101.95.in-addr.arpa udp
US 8.8.8.8:53 www.iplocation.net udp
US 104.26.7.214:443 www.iplocation.net tcp
US 104.26.7.214:443 www.iplocation.net tcp
US 8.8.8.8:53 214.7.26.104.in-addr.arpa udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 151.101.66.137:443 code.jquery.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
FR 185.235.86.1:443 ag.gbc.criteo.com tcp
US 152.199.19.161:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 151.101.66.137:443 code.jquery.com tcp
US 8.8.8.8:53 161.19.199.152.in-addr.arpa udp
FR 185.235.86.72:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 137.66.101.151.in-addr.arpa udp
US 8.8.8.8:53 14.25.17.104.in-addr.arpa udp
FR 185.235.86.62:443 gem.gbc.criteo.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 stackpath.bootstrapcdn.com udp
US 8.8.8.8:53 cdn.iplocation.net udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 www.ezojs.com udp
US 104.18.11.207:443 stackpath.bootstrapcdn.com tcp
US 104.18.11.207:443 stackpath.bootstrapcdn.com tcp
US 104.21.63.106:443 www.ezojs.com tcp
US 151.101.65.229:443 cdn.jsdelivr.net udp
FR 172.217.20.194:443 googleads.g.doubleclick.net udp
US 104.18.11.207:443 stackpath.bootstrapcdn.com tcp
US 104.21.63.106:443 www.ezojs.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
FR 185.235.86.76:443 gem.gbc.criteo.com tcp
FR 185.235.86.6:443 ag.gbc.criteo.com tcp
FR 185.235.86.62:443 gem.gbc.criteo.com tcp
FR 185.235.86.6:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 229.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 207.11.18.104.in-addr.arpa udp
US 8.8.8.8:53 106.63.21.104.in-addr.arpa udp
FR 185.235.86.0:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 133.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 cdn4.buysellads.net udp
US 8.8.8.8:53 www.clarity.ms udp
US 8.8.8.8:53 cdn.fuseplatform.net udp
US 8.8.8.8:53 cdn.adpushup.com udp
US 8.8.8.8:53 cdn.pushmaster-cdn.xyz udp
US 152.199.21.70:443 cdn.adpushup.com tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 104.17.160.237:443 cdn.fuseplatform.net tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 104.17.160.237:443 cdn.fuseplatform.net tcp
US 152.199.21.70:443 cdn.adpushup.com tcp
NL 152.42.150.143:443 cdn4.buysellads.net tcp
NL 152.42.150.143:443 cdn4.buysellads.net tcp
US 8.8.8.8:53 70.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 tile.openstreetmap.org udp
US 151.101.129.91:443 tile.openstreetmap.org tcp
US 104.26.12.205:443 api.ipify.org tcp
US 172.67.72.27:443 cdn.pushmaster-cdn.xyz tcp
US 151.101.129.91:443 tile.openstreetmap.org tcp
US 172.67.72.27:443 cdn.pushmaster-cdn.xyz tcp
US 172.64.154.167:443 www2.bing.com tcp
US 8.8.8.8:53 143.150.42.152.in-addr.arpa udp
US 8.8.8.8:53 91.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 205.12.26.104.in-addr.arpa udp
US 8.8.8.8:53 237.160.17.104.in-addr.arpa udp
US 8.8.8.8:53 27.72.67.172.in-addr.arpa udp
US 8.8.8.8:53 167.154.64.172.in-addr.arpa udp
US 172.64.154.167:443 www2.bing.com tcp
US 152.199.21.70:443 cdn.adpushup.com tcp
US 8.8.8.8:53 http-intake.logs.us5.datadoghq.com udp
US 104.17.160.237:443 cdn.fuseplatform.net tcp
US 152.199.21.70:443 cdn.adpushup.com tcp
US 152.199.21.70:443 cdn.adpushup.com tcp
US 34.149.66.130:443 http-intake.logs.us5.datadoghq.com tcp
US 8.8.8.8:53 e3.adpushup.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 cmp.inmobi.com udp
US 104.17.160.237:443 cdn.fuseplatform.net tcp
US 152.199.21.70:443 e3.adpushup.com tcp
US 152.199.21.70:443 e3.adpushup.com tcp
US 152.199.21.70:443 e3.adpushup.com tcp
US 152.199.21.70:443 e3.adpushup.com tcp
FR 172.217.20.162:443 securepubads.g.doubleclick.net udp
US 152.199.21.70:443 e3.adpushup.com tcp
US 8.8.8.8:53 keymap.adpushup.com udp
US 152.199.21.70:443 keymap.adpushup.com tcp
CZ 65.9.95.26:443 cmp.inmobi.com tcp
US 152.199.21.70:443 keymap.adpushup.com tcp
US 8.8.8.8:53 campaign.adpushup.com udp
US 8.8.8.8:53 130.66.149.34.in-addr.arpa udp
US 152.199.21.175:443 campaign.adpushup.com tcp
US 152.199.21.175:443 campaign.adpushup.com tcp
US 151.101.65.229:443 cdn.jsdelivr.net udp
US 8.8.8.8:53 secure.quantserve.com udp
US 51.8.64.151:443 h.clarity.ms tcp
DE 91.228.74.244:443 secure.quantserve.com tcp
FR 185.235.86.63:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 26.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 244.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 http-intake.logs.datadoghq.com udp
FR 142.250.179.106:443 ajax.googleapis.com udp
US 3.233.144.241:443 http-intake.logs.datadoghq.com tcp
US 3.233.144.241:443 http-intake.logs.datadoghq.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
US 34.120.63.153:443 prebid.media.net udp
NL 178.250.1.8:443 bidder.criteo.com tcp
US 8.8.8.8:53 rt.marphezis.com udp
US 8.8.8.8:53 mp.4dex.io udp
US 8.8.8.8:53 video.adpushup.com udp
US 8.8.8.8:53 script.4dex.io udp
US 8.8.8.8:53 srv.buysellads.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 8.8.8.8:53 exchange.cootlogix.com udp
US 8.8.8.8:53 onetag-sys.com udp
US 35.186.253.211:443 rtb.openx.net udp
US 8.8.8.8:53 ads.servenobid.com udp
US 8.8.8.8:53 pbjs.e-planning.net udp
NL 185.89.210.20:443 ib.adnxs.com tcp
US 178.128.135.33:443 exchange.cootlogix.com tcp
US 178.128.135.33:443 exchange.cootlogix.com tcp
DE 51.89.9.254:443 onetag-sys.com tcp
US 104.26.8.169:443 script.4dex.io tcp
FR 142.250.74.238:443 www.youtube.com udp
US 8.8.8.8:53 c.4dex.io udp
GB 84.17.50.8:443 video.adpushup.com tcp
IE 54.73.207.30:443 ads.servenobid.com tcp
NL 193.3.178.4:443 pbjs.e-planning.net tcp
NL 152.42.150.143:443 srv.buysellads.com tcp
US 104.18.10.176:443 mp.4dex.io tcp
US 35.241.34.106:443 c.4dex.io tcp
US 8.8.8.8:53 rules.quantcount.com udp
CZ 65.9.95.77:443 rules.quantcount.com tcp
US 104.26.8.169:443 script.4dex.io tcp
FR 185.235.86.7:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 cadmus.script.ac udp
US 104.18.23.145:443 cadmus.script.ac tcp
US 8.8.8.8:53 175.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 241.144.233.3.in-addr.arpa udp
US 8.8.8.8:53 20.210.89.185.in-addr.arpa udp
US 8.8.8.8:53 254.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 169.8.26.104.in-addr.arpa udp
US 8.8.8.8:53 8.50.17.84.in-addr.arpa udp
US 8.8.8.8:53 176.10.18.104.in-addr.arpa udp
US 8.8.8.8:53 33.135.128.178.in-addr.arpa udp
US 8.8.8.8:53 4.178.3.193.in-addr.arpa udp
US 8.8.8.8:53 30.207.73.54.in-addr.arpa udp
US 8.8.8.8:53 106.34.241.35.in-addr.arpa udp
US 8.8.8.8:53 77.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 145.23.18.104.in-addr.arpa udp
US 130.211.23.194:443 api.btloader.com udp
NL 178.250.1.3:443 static.criteo.net tcp
US 35.241.34.106:443 c.4dex.io udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 aefd.nelreports.net udp
GB 173.222.211.40:443 aefd.nelreports.net tcp
GB 173.222.211.40:443 aefd.nelreports.net tcp
US 8.8.8.8:53 s0.2mdn.net udp
FR 142.250.179.70:443 s0.2mdn.net udp
FR 142.250.179.65:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 www.google.com udp
FR 172.217.20.196:443 www.google.com udp
US 35.241.34.106:443 c.4dex.io udp
CZ 65.9.95.26:443 cmp.inmobi.com tcp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 d1arl2thrafelv.cloudfront.net udp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
CZ 65.9.94.11:443 d1arl2thrafelv.cloudfront.net tcp
US 8.8.8.8:53 api.cmp.inmobi.com udp
DE 3.127.100.137:443 api.cmp.inmobi.com tcp
DE 3.127.100.137:443 api.cmp.inmobi.com tcp
US 8.8.8.8:53 9.223.224.13.in-addr.arpa udp
US 8.8.8.8:53 11.94.9.65.in-addr.arpa udp
US 8.8.8.8:53 40.211.222.173.in-addr.arpa udp
US 8.8.8.8:53 137.100.127.3.in-addr.arpa udp
FR 185.235.86.62:443 gem.gbc.criteo.com tcp
FR 185.235.86.6:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 maps.google.com udp
FR 142.250.179.78:443 maps.google.com tcp
US 8.8.8.8:53 in.pushmaster-in.xyz udp
SE 51.21.35.2:443 in.pushmaster-in.xyz tcp
FR 172.217.20.196:443 www.google.com udp
FR 142.250.179.78:443 maps.google.com udp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
US 8.8.8.8:53 2.35.21.51.in-addr.arpa udp
FR 172.217.18.206:443 encrypted-tbn0.gstatic.com tcp
FR 172.217.18.206:443 encrypted-tbn0.gstatic.com tcp
FR 142.250.179.110:443 encrypted-tbn1.gstatic.com tcp
FR 142.250.178.142:443 encrypted-tbn2.gstatic.com tcp
US 8.8.8.8:53 maps.gstatic.com udp
US 8.8.8.8:53 maps.googleapis.com udp
FR 216.58.214.174:443 www.youtube.com udp
FR 142.250.201.174:443 encrypted-tbn3.gstatic.com tcp
FR 142.250.201.174:443 encrypted-tbn3.gstatic.com tcp
FR 142.250.178.131:443 maps.gstatic.com tcp
FR 142.250.178.131:443 maps.gstatic.com tcp
US 8.8.8.8:53 analytics.apis.mcafee.com udp
US 52.42.237.13:443 analytics.apis.mcafee.com tcp
US 51.8.64.151:443 h.clarity.ms tcp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 178.128.135.33:443 exchange.cootlogix.com tcp
NL 193.3.178.4:443 pbjs.e-planning.net tcp
US 8.8.8.8:53 206.18.217.172.in-addr.arpa udp
US 8.8.8.8:53 110.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 142.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 131.178.250.142.in-addr.arpa udp
DE 54.93.228.39:443 btlr.sharethrough.com tcp
US 8.8.8.8:53 13.237.42.52.in-addr.arpa udp
US 8.8.8.8:53 39.228.93.54.in-addr.arpa udp
US 8.8.8.8:53 174.201.250.142.in-addr.arpa udp
GB 84.17.50.8:443 video.adpushup.com tcp
GB 92.123.143.232:443 sadownload.mcafee.com tcp
US 8.8.8.8:53 232.143.123.92.in-addr.arpa udp
DE 51.89.9.254:443 onetag-sys.com tcp
DE 54.93.228.39:443 btlr.sharethrough.com tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
IE 54.73.207.30:443 ads.servenobid.com tcp
NL 185.64.189.112:443 hbopenbid.pubmatic.com tcp
DE 3.127.100.137:443 api.cmp.inmobi.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
US 8.8.8.8:53 htlb.casalemedia.com udp
NL 147.75.81.235:443 sync.a-mo.net tcp
NL 188.166.203.175:443 rt.marphezis.com tcp
US 8.8.8.8:53 ex.ingage.tech udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 a.teads.tv udp
US 8.8.8.8:53 exchange.kueezrtb.com udp
US 8.8.8.8:53 prebid-server.rubiconproject.com udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 pixel.quantserve.com udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 oa.openxcdn.net udp
US 172.64.152.89:443 cdn-ima.33across.com tcp
US 8.8.8.8:53 invstatic101.creativecdn.com udp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
IE 99.81.129.148:443 ap.lijit.com tcp
US 104.18.26.216:443 ex.ingage.tech tcp
US 149.28.57.102:443 exchange.kueezrtb.com tcp
US 149.28.57.102:443 exchange.kueezrtb.com tcp
US 149.28.57.102:443 exchange.kueezrtb.com tcp
US 149.28.57.102:443 exchange.kueezrtb.com tcp
GB 95.100.245.39:443 a.teads.tv tcp
US 172.64.151.101:443 htlb.casalemedia.com tcp
FR 172.217.20.193:443 a600e42834d861f8726e15ac324f607a.safeframe.googlesyndication.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
DE 91.228.74.200:443 pixel.quantserve.com tcp
CZ 65.9.95.100:443 tags.crwdcntrl.net tcp
US 34.96.70.87:443 invstatic101.creativecdn.com tcp
US 34.102.146.192:443 oa.openxcdn.net tcp
US 104.18.6.198:443 img.connatix.com tcp
FR 172.217.20.193:443 a600e42834d861f8726e15ac324f607a.safeframe.googlesyndication.com tcp
US 172.64.151.101:443 htlb.casalemedia.com tcp
US 104.18.26.216:443 ex.ingage.tech tcp
IE 99.81.129.148:443 ap.lijit.com tcp
GB 95.100.245.39:443 a.teads.tv tcp
US 149.28.57.102:443 exchange.kueezrtb.com tcp
US 172.64.151.101:443 htlb.casalemedia.com tcp
US 172.64.151.101:443 htlb.casalemedia.com tcp
US 8.8.8.8:53 oajs.openx.net udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
US 8.8.8.8:53 150.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 200.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 87.70.96.34.in-addr.arpa udp
US 8.8.8.8:53 192.146.102.34.in-addr.arpa udp
US 8.8.8.8:53 100.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 39.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 216.26.18.104.in-addr.arpa udp
US 8.8.8.8:53 148.129.81.99.in-addr.arpa udp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
US 8.8.8.8:53 esp.rtbhouse.com udp
US 34.120.135.53:443 oajs.openx.net tcp
IE 52.215.197.51:443 bcp.crwdcntrl.net tcp
US 104.18.26.216:443 ex.ingage.tech tcp
US 34.120.135.53:443 oajs.openx.net tcp
US 35.190.39.111:443 esp.rtbhouse.com tcp
US 34.120.135.53:443 oajs.openx.net udp
US 8.8.8.8:53 hbx.media.net udp
US 8.8.8.8:53 warp.media.net udp
NL 152.42.150.143:443 srv.buysellads.com tcp
US 8.8.8.8:53 google-bidout-d.openx.net udp
GB 2.18.108.20:443 warp.media.net tcp
GB 2.18.108.20:443 warp.media.net tcp
US 34.98.64.218:443 google-bidout-d.openx.net tcp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 qsearch-a.akamaihd.net udp
US 8.8.8.8:53 hblg.media.net udp
US 8.8.8.8:53 102.57.28.149.in-addr.arpa udp
US 8.8.8.8:53 53.135.120.34.in-addr.arpa udp
US 8.8.8.8:53 111.39.190.35.in-addr.arpa udp
US 8.8.8.8:53 218.64.98.34.in-addr.arpa udp
GB 92.123.140.147:443 qsearch-a.akamaihd.net tcp
GB 92.123.140.147:443 qsearch-a.akamaihd.net tcp
GB 95.100.244.20:443 contextual.media.net tcp
US 8.8.8.8:53 mnadshield-a.akamaihd.net udp
GB 92.123.143.218:443 mnadshield-a.akamaihd.net tcp
US 8.8.8.8:53 lg3.media.net udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 public.servenobid.com udp
US 8.8.8.8:53 sync.cootlogix.com udp
US 8.8.8.8:53 hb.trustedstack.com udp
US 8.8.8.8:53 buysellads-d.openx.net udp
US 151.101.129.108:443 acdn.adnxs.com tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
GB 92.123.140.75:443 hb.trustedstack.com tcp
US 104.248.58.224:443 sync.cootlogix.com tcp
GB 2.18.108.192:443 ads.pubmatic.com tcp
CZ 65.9.95.114:443 public.servenobid.com tcp
US 152.199.21.70:443 keymap.adpushup.com tcp
DE 37.252.171.53:443 secure.adnxs.com tcp
DE 37.252.171.53:443 secure.adnxs.com tcp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 sync.richaudience.com udp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
US 8.8.8.8:53 bc-sync.com udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 api-2-0.spot.im udp
NL 46.228.174.117:443 sync.1rx.io tcp
US 52.223.40.198:443 match.adsrvr.org tcp
US 8.8.8.8:53 b1sync.zemanta.com udp
NL 198.47.127.18:443 image8.pubmatic.com tcp
IE 108.128.166.156:443 jadserve.postrelease.com tcp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
US 8.8.8.8:53 id.rlcdn.com udp
US 192.132.33.68:443 bttrack.com tcp
US 172.111.38.86:443 tracker.open-adsyield.com tcp
US 54.157.90.78:443 sync.srv.stackadapt.com tcp
US 35.244.174.68:443 id.rlcdn.com udp
US 70.42.32.95:443 b1sync.zemanta.com tcp
US 70.42.32.95:443 b1sync.zemanta.com tcp
IE 52.30.90.44:443 match.prod.bidr.io tcp
US 8.8.8.8:53 eu-west-1-cs-rtb.openwebmp.com udp
DE 168.119.146.39:443 sync.richaudience.com tcp
US 8.8.8.8:53 gum.aidemsrv.com udp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 player.aniview.com udp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 googleads4.g.doubleclick.net udp
US 3.232.184.20:443 api-2-0.spot.im tcp
US 8.2.108.175:443 bc-sync.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
DE 168.119.146.39:443 sync.richaudience.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 8.2.108.175:443 bc-sync.com tcp
US 3.232.184.20:443 api-2-0.spot.im tcp
IE 52.30.90.44:443 match.prod.bidr.io tcp
US 70.42.32.95:443 b1sync.zemanta.com tcp
US 54.157.90.78:443 sync.srv.stackadapt.com tcp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
US 35.244.174.68:443 id.rlcdn.com tcp
US 8.8.8.8:53 147.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 218.143.123.92.in-addr.arpa udp
US 8.8.8.8:53 75.140.123.92.in-addr.arpa udp
US 8.8.8.8:53 224.58.248.104.in-addr.arpa udp
US 8.8.8.8:53 53.171.252.37.in-addr.arpa udp
US 3.233.144.241:443 http-intake.logs.datadoghq.com tcp
FR 5.135.209.100:443 ssbsync.smartadserver.com tcp
GB 92.123.140.19:443 player.aniview.com udp
FR 172.217.20.194:443 googleads4.g.doubleclick.net tcp
FR 172.217.20.194:443 googleads4.g.doubleclick.net tcp
US 67.202.105.23:443 ssc-cms.33across.com tcp
CZ 65.9.95.34:443 eu-west-1-cs-rtb.openwebmp.com tcp
US 18.233.214.218:443 cs-server-s2s.yellowblue.io tcp
US 104.17.43.93:443 gum.aidemsrv.com tcp
GB 2.22.101.110:443 secure-assets.rubiconproject.com tcp
CZ 65.9.95.34:443 eu-west-1-cs-rtb.openwebmp.com tcp
US 35.244.159.8:443 buysellads-d.openx.net udp
US 8.8.8.8:53 cdn.topsrvimp.com udp
US 8.8.8.8:53 image6.pubmatic.com udp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 8.8.8.8:53 media.grid.bidswitch.net udp
US 8.8.8.8:53 grid-mercury.criteo.com udp
US 8.8.8.8:53 cat.nl3.eu.criteo.com udp
NL 198.47.127.19:443 image6.pubmatic.com tcp
GB 87.248.204.1:443 cdn.topsrvimp.com tcp
NL 178.250.1.6:443 cat.nl3.eu.criteo.com tcp
NL 178.250.1.39:443 grid-mercury.criteo.com tcp
NL 35.214.200.194:443 media.grid.bidswitch.net tcp
GB 92.123.140.19:443 player.aniview.com tcp
US 8.8.8.8:53 p.rfihub.com udp
US 8.8.8.8:53 ce.lijit.com udp
US 8.8.8.8:53 ssp.disqus.com udp
US 8.8.8.8:53 match.sharethrough.com udp
US 69.166.1.34:443 sync.go.sonobi.com tcp
US 69.166.1.34:443 sync.go.sonobi.com tcp
US 152.199.21.70:443 keymap.adpushup.com tcp
US 152.199.21.70:443 keymap.adpushup.com tcp
US 69.166.1.34:443 sync.go.sonobi.com tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
NL 193.0.160.130:443 p.rfihub.com tcp
IE 54.76.104.34:443 ce.lijit.com tcp
US 152.199.21.70:443 keymap.adpushup.com tcp
US 152.199.21.70:443 keymap.adpushup.com tcp
CZ 65.9.95.80:443 ssp.disqus.com tcp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 8.8.8.8:53 18.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 44.90.30.52.in-addr.arpa udp
US 8.8.8.8:53 95.32.42.70.in-addr.arpa udp
US 8.8.8.8:53 78.90.157.54.in-addr.arpa udp
US 8.8.8.8:53 20.184.232.3.in-addr.arpa udp
US 8.8.8.8:53 100.209.135.5.in-addr.arpa udp
US 8.8.8.8:53 93.43.17.104.in-addr.arpa udp
US 8.8.8.8:53 23.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 34.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 1.204.248.87.in-addr.arpa udp
US 8.8.8.8:53 19.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 6.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 39.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 194.200.214.35.in-addr.arpa udp
US 8.8.8.8:53 34.1.166.69.in-addr.arpa udp
US 8.8.8.8:53 130.160.0.193.in-addr.arpa udp
US 8.8.8.8:53 25.234.195.18.in-addr.arpa udp
US 8.8.8.8:53 34.104.76.54.in-addr.arpa udp
US 8.8.8.8:53 80.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 g2.gumgum.com udp
IE 52.51.201.224:443 g2.gumgum.com tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 pixel.33across.com udp
US 8.8.8.8:53 cdn.dxkulture.com udp
US 104.18.12.192:443 cdn.dxkulture.com tcp
FR 185.235.86.3:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 224.201.51.52.in-addr.arpa udp
US 8.8.8.8:53 192.12.18.104.in-addr.arpa udp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 pdc.bidswitch.net udp
US 8.8.8.8:53 stags.bluekai.com udp
US 8.8.8.8:53 mybestsearches.com udp
US 8.8.8.8:53 media.net udp
US 8.8.8.8:53 st.pubmatic.com udp
GB 2.18.108.192:443 ads.pubmatic.com tcp
IE 52.30.90.44:443 match.prod.bidr.io tcp
NL 35.214.245.243:443 pdc.bidswitch.net tcp
GB 95.100.245.12:443 stags.bluekai.com tcp
GB 2.18.109.123:443 z.moatads.com tcp
GB 2.18.108.20:443 lg3.media.net tcp
GB 2.18.108.20:443 lg3.media.net tcp
NL 185.64.189.221:443 st.pubmatic.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 52.223.40.198:443 match.adsrvr.org tcp
US 8.8.8.8:53 cms.quantserve.com udp
IE 54.154.214.78:443 ad.360yield.com tcp
US 8.8.8.8:53 s.ad.smaato.net udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 js-sec.indexww.com udp
US 8.8.8.8:53 sync.kueezrtb.com udp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
GB 108.156.39.10:443 s.ad.smaato.net tcp
CZ 65.9.95.114:443 eu-west-1-cs-rtb.openwebmp.com tcp
US 8.8.8.8:53 cs.ingage.tech udp
GB 95.100.244.20:443 contextual.media.net tcp
IE 99.81.129.148:443 ap.lijit.com tcp
NL 147.75.81.235:443 sync.a-mo.net tcp
US 159.223.97.109:443 sync.kueezrtb.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
DE 91.228.74.166:443 cms.quantserve.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 54.73.207.30:443 ads.servenobid.com tcp
DE 91.228.74.166:443 cms.quantserve.com tcp
IE 54.154.214.78:443 ad.360yield.com tcp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 44.219.147.208:443 cs.ingage.tech tcp
US 44.219.147.208:443 cs.ingage.tech tcp
DE 51.89.9.254:443 onetag-sys.com tcp
US 8.8.8.8:53 12.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 243.245.214.35.in-addr.arpa udp
US 8.8.8.8:53 221.189.64.185.in-addr.arpa udp
US 8.8.8.8:53 10.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 123.109.18.2.in-addr.arpa udp
GB 2.22.101.110:443 secure-assets.rubiconproject.com tcp
US 104.18.36.155:443 ssum-sec.casalemedia.com tcp
US 104.18.38.76:443 js-sec.indexww.com tcp
US 80.77.87.108:443 eexsync.com tcp
IE 54.73.207.30:443 ads.servenobid.com tcp
US 80.77.87.108:443 eexsync.com tcp
GB 2.18.108.192:443 ads.pubmatic.com tcp
GB 2.18.108.192:443 ads.pubmatic.com tcp
IE 54.73.207.30:443 ads.servenobid.com tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
IE 54.76.104.34:443 ce.lijit.com tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
US 104.17.43.93:443 gum.aidemsrv.com tcp
NL 35.214.245.243:443 pdc.bidswitch.net tcp
NL 35.214.245.243:443 pdc.bidswitch.net tcp
FR 185.235.86.57:443 gem.gbc.criteo.com tcp
FR 185.235.86.65:443 gem.gbc.criteo.com tcp
IE 54.76.104.34:443 ce.lijit.com tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 44.219.147.208:443 cs.ingage.tech tcp
GB 84.17.50.8:443 video.adpushup.com tcp
DE 37.252.171.53:443 secure.adnxs.com tcp
US 8.2.108.175:443 bc-sync.com tcp
US 3.232.184.20:443 api-2-0.spot.im tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
US 54.157.90.78:443 sync.srv.stackadapt.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
US 172.111.38.86:443 tracker.open-adsyield.com tcp
IE 108.128.166.156:443 jadserve.postrelease.com tcp
US 192.132.33.68:443 bttrack.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
US 8.8.8.8:53 166.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 109.97.223.159.in-addr.arpa udp
US 8.8.8.8:53 208.147.219.44.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 76.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 108.87.77.80.in-addr.arpa udp
US 8.8.8.8:53 apien.ldmnq.com udp
US 69.166.1.34:443 sync.go.sonobi.com tcp
NL 193.0.160.130:443 p.rfihub.com tcp
GB 13.224.132.126:443 apien.ldmnq.com tcp
DE 168.119.146.39:443 sync.richaudience.com tcp
US 67.202.105.23:443 pixel.33across.com tcp
FR 142.250.75.226:443 cm.g.doubleclick.net udp
NL 35.214.149.91:443 x.bidswitch.net tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 104.22.50.98:443 spl.zeotap.com tcp
IE 54.76.104.34:443 ce.lijit.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 18.233.214.218:443 cs-server-s2s.yellowblue.io tcp
US 8.8.8.8:53 sync.adkernel.com udp
US 104.17.43.93:443 gum.aidemsrv.com tcp
NL 77.245.57.72:443 sync.adkernel.com tcp
FR 5.135.209.100:443 ssbsync.smartadserver.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 104.22.50.98:443 spl.zeotap.com tcp
US 8.8.8.8:53 us-u.openx.net udp
US 54.157.90.78:443 sync.srv.stackadapt.com tcp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
US 8.8.8.8:53 sync.ipredictive.com udp
US 8.8.8.8:53 match.deepintent.com udp
FR 185.235.86.2:443 ag.gbc.criteo.com tcp
FR 185.235.86.65:443 gem.gbc.criteo.com tcp
FR 185.235.86.2:443 ag.gbc.criteo.com tcp
FR 185.235.86.67:443 gem.gbc.criteo.com tcp
US 54.146.139.8:443 sync.ipredictive.com tcp
IE 99.81.56.19:443 pr-bh.ybp.yahoo.com tcp
US 34.98.64.218:443 us-u.openx.net tcp
US 8.8.8.8:53 usersync.gumgum.com udp
US 169.197.150.8:443 match.deepintent.com tcp
NL 77.245.57.72:443 sync.adkernel.com tcp
US 169.197.150.8:443 match.deepintent.com tcp
US 18.233.214.218:443 cs-server-s2s.yellowblue.io tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
US 8.8.8.8:53 126.132.224.13.in-addr.arpa udp
US 8.8.8.8:53 72.57.245.77.in-addr.arpa udp
US 8.8.8.8:53 19.56.81.99.in-addr.arpa udp
US 8.8.8.8:53 8.139.146.54.in-addr.arpa udp
IE 34.248.3.118:443 ads.yieldmo.com tcp
US 8.8.8.8:53 ads.dxkulture.com udp
IE 34.247.233.198:443 usersync.gumgum.com tcp
US 45.55.126.71:443 ads.dxkulture.com tcp
FR 185.235.86.20:443 ag.gbc.criteo.com tcp
DK 37.157.6.237:443 c1.adform.net tcp
JP 124.146.153.162:443 tg.socdm.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
JP 124.146.153.162:443 tg.socdm.com tcp
NL 89.149.193.120:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 8.150.197.169.in-addr.arpa udp
US 8.8.8.8:53 198.233.247.34.in-addr.arpa udp
US 8.8.8.8:53 118.3.248.34.in-addr.arpa udp
US 8.8.8.8:53 71.126.55.45.in-addr.arpa udp
US 8.8.8.8:53 237.6.157.37.in-addr.arpa udp
US 8.8.8.8:53 120.193.149.89.in-addr.arpa udp
NL 188.166.203.175:443 rt.marphezis.com tcp
US 45.55.126.71:443 ads.dxkulture.com tcp
US 45.55.126.71:443 ads.dxkulture.com tcp
NL 35.214.169.107:443 csync.loopme.me tcp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 89.149.193.120:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 39.146.119.168.in-addr.arpa udp
US 8.8.8.8:53 wt.rqtrk.eu udp
DE 57.129.18.109:443 wt.rqtrk.eu tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
US 8.8.8.8:53 token.rubiconproject.com udp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 8.8.8.8:53 109.18.129.57.in-addr.arpa udp
GB 92.123.143.232:443 sadownload.mcafee.com tcp
IE 54.73.207.30:443 ads.servenobid.com tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
US 8.8.8.8:53 mb.moatads.com udp
US 51.8.64.151:443 h.clarity.ms tcp
GB 141.147.81.223:443 mb.moatads.com tcp
FR 185.235.86.62:443 gem.gbc.criteo.com tcp
GB 84.17.50.8:443 video.adpushup.com tcp
GB 95.100.245.251:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 px.moatads.com udp
GB 2.18.109.123:443 px.moatads.com tcp
IE 52.30.90.44:443 match.prod.bidr.io tcp
US 8.8.8.8:53 home.mcafee.com udp
GB 2.22.132.123:443 home.mcafee.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
US 8.8.8.8:53 223.81.147.141.in-addr.arpa udp
GB 2.22.132.123:443 home.mcafee.com tcp
US 8.8.8.8:53 middledata.ldplayer.net udp
US 52.42.237.13:443 analytics.apis.mcafee.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
FR 185.235.86.6:443 ag.gbc.criteo.com tcp
SG 8.219.48.146:443 middledata.ldplayer.net tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
US 52.42.237.13:443 analytics.apis.mcafee.com tcp
US 8.8.8.8:53 123.132.22.2.in-addr.arpa udp
GB 2.18.109.123:443 px.moatads.com tcp
US 8.8.8.8:53 146.48.219.8.in-addr.arpa udp
US 104.17.43.93:443 gum.aidemsrv.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
US 104.26.7.214:443 cdn.iplocation.net tcp
FR 185.235.86.65:443 gem.gbc.criteo.com tcp
US 104.26.7.214:443 cdn.iplocation.net tcp
FR 185.235.86.2:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 idsync.rlcdn.com udp
US 45.55.126.71:443 ads.dxkulture.com tcp
US 35.244.174.68:443 idsync.rlcdn.com tcp
GB 84.17.50.8:443 video.adpushup.com tcp
US 45.55.126.71:443 ads.dxkulture.com tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 45.55.126.71:443 ads.dxkulture.com tcp
US 104.26.7.214:443 cdn.iplocation.net tcp
NL 188.166.203.175:443 rt.marphezis.com tcp
US 51.8.64.151:443 h.clarity.ms tcp
US 8.8.8.8:53 d.illuma-tech.com udp
IE 34.254.0.192:443 d.illuma-tech.com tcp
NL 185.64.189.221:443 st.pubmatic.com tcp
US 8.8.8.8:53 192.0.254.34.in-addr.arpa udp
GB 2.18.109.123:443 px.moatads.com tcp
FR 185.235.86.24:443 ag.gbc.criteo.com tcp
SG 8.219.48.146:443 middledata.ldplayer.net tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
FR 185.235.86.59:443 gem.gbc.criteo.com tcp
FR 185.235.86.71:443 gem.gbc.criteo.com tcp
GB 84.17.50.8:443 video.adpushup.com tcp
GB 84.17.50.8:443 video.adpushup.com tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
FR 185.235.86.14:443 ag.gbc.criteo.com tcp
FR 185.235.86.59:443 gem.gbc.criteo.com tcp
FR 185.235.86.14:443 ag.gbc.criteo.com tcp
FR 185.235.86.72:443 gem.gbc.criteo.com tcp
CZ 65.9.95.80:443 ssp.disqus.com tcp
IE 54.73.207.30:443 ads.servenobid.com tcp
FR 185.235.86.1:443 ag.gbc.criteo.com tcp
US 3.233.144.241:443 http-intake.logs.datadoghq.com tcp
US 8.8.8.8:53 h.clarity.ms udp
US 51.8.64.151:443 h.clarity.ms tcp
US 104.18.6.198:443 img.connatix.com tcp
US 8.8.8.8:53 sadownload.mcafee.com udp
GB 92.123.142.66:443 sadownload.mcafee.com tcp
GB 95.100.245.39:443 a.teads.tv tcp
NL 147.75.81.235:443 sync.a-mo.net tcp
NL 185.64.189.112:443 hbopenbid.pubmatic.com tcp
DE 54.93.228.39:443 btlr.sharethrough.com tcp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
IE 99.81.129.148:443 ap.lijit.com tcp
US 172.64.151.101:443 ssum-sec.casalemedia.com tcp
NL 188.166.203.175:443 rt.marphezis.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 69.173.156.150:443 prebid-server.rubiconproject.com tcp
IE 54.73.207.30:443 ads.servenobid.com tcp
NL 185.89.210.20:443 ib.adnxs.com tcp
DE 51.89.9.254:443 onetag-sys.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
GB 84.17.50.8:443 video.adpushup.com tcp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
US 3.233.144.241:443 http-intake.logs.datadoghq.com tcp
US 152.199.21.70:443 keymap.adpushup.com tcp
US 8.8.8.8:53 66.142.123.92.in-addr.arpa udp
GB 2.18.109.123:443 px.moatads.com tcp
US 3.233.144.241:443 http-intake.logs.datadoghq.com tcp
NL 35.214.200.194:443 media.grid.bidswitch.net tcp
NL 178.250.1.39:443 grid-mercury.criteo.com tcp
NL 178.250.1.6:443 cat.nl3.eu.criteo.com tcp
GB 95.100.245.12:443 stags.bluekai.com tcp
NL 35.214.245.243:443 pdc.bidswitch.net tcp
FR 185.235.86.65:443 gem.gbc.criteo.com tcp
NL 35.214.245.243:443 pdc.bidswitch.net tcp
FR 185.235.86.2:443 ag.gbc.criteo.com tcp
FR 185.235.86.59:443 gem.gbc.criteo.com tcp
FR 185.235.86.14:443 ag.gbc.criteo.com tcp
US 51.8.64.151:443 h.clarity.ms tcp
NL 69.173.156.149:443 token.rubiconproject.com tcp
US 70.42.32.95:443 b1sync.zemanta.com tcp
GB 2.18.109.123:443 px.moatads.com tcp
CZ 65.9.95.80:443 ssp.disqus.com tcp
NL 77.245.57.72:443 sync.adkernel.com tcp
GB 84.17.50.8:443 video.adpushup.com tcp
US 104.18.6.198:443 img.connatix.com tcp
US 104.18.6.198:443 img.connatix.com tcp
US 8.8.8.8:53 ade.googlesyndication.com udp
FR 142.250.75.226:443 ade.googlesyndication.com tcp
SG 8.219.48.146:443 middledata.ldplayer.net tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
FR 142.250.75.226:443 ade.googlesyndication.com udp
IE 34.247.233.198:443 usersync.gumgum.com tcp
IE 34.247.233.198:443 usersync.gumgum.com tcp
FR 5.135.209.100:443 ssbsync.smartadserver.com tcp
US 104.26.7.214:443 cdn.iplocation.net tcp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
NL 188.166.203.175:443 rt.marphezis.com tcp
GB 84.17.50.8:443 video.adpushup.com tcp
US 8.8.8.8:53 ox-rtb-europe-west4.openx.net udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 34.98.84.165:443 ox-rtb-europe-west4.openx.net tcp
US 8.8.8.8:53 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev udp
CZ 65.9.95.83:443 config.aps.amazon-adsystem.com tcp
CZ 65.9.95.100:443 tags.crwdcntrl.net tcp
US 8.8.8.8:53 secure.cdn.fastclick.net udp
GB 18.245.250.165:443 aax.amazon-adsystem.com tcp
US 54.82.185.231:443 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev tcp
NL 23.218.48.210:443 secure.cdn.fastclick.net tcp
US 34.98.64.218:443 us-u.openx.net udp
GB 2.18.109.123:443 px.moatads.com tcp
US 8.8.8.8:53 cdn.doubleverify.com udp
US 8.8.8.8:53 165.84.98.34.in-addr.arpa udp
US 8.8.8.8:53 165.250.245.18.in-addr.arpa udp
US 8.8.8.8:53 83.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 210.48.218.23.in-addr.arpa udp
GB 2.18.190.147:443 cdn.doubleverify.com tcp
GB 2.18.190.147:443 cdn.doubleverify.com tcp
US 130.211.44.5:443 tps.doubleverify.com tcp
US 3.233.144.241:443 http-intake.logs.datadoghq.com tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 231.185.82.54.in-addr.arpa udp
US 8.8.8.8:53 147.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 5.44.211.130.in-addr.arpa udp
GB 88.221.135.34:443 www.bing.com tcp
US 8.8.8.8:53 34.135.221.88.in-addr.arpa udp
IE 52.51.201.224:443 g2.gumgum.com tcp
US 104.26.7.214:443 cdn.iplocation.net tcp
NL 188.166.203.175:443 rt.marphezis.com tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
US 34.98.84.165:443 ox-rtb-europe-west4.openx.net udp
GB 18.245.250.165:443 aax.amazon-adsystem.com tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
GB 2.18.190.147:443 cdn.doubleverify.com tcp
FR 185.235.86.7:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 tpsc-ew1.doubleverify.com udp
US 51.8.64.151:443 h.clarity.ms tcp
US 130.211.44.5:443 tpsc-ew1.doubleverify.com tcp
FR 185.235.86.75:443 gem.gbc.criteo.com tcp
FR 185.235.86.63:443 gem.gbc.criteo.com tcp
FR 185.235.86.57:443 gem.gbc.criteo.com tcp
FR 185.235.86.11:443 ag.gbc.criteo.com tcp
FR 185.235.86.75:443 gem.gbc.criteo.com tcp
FR 185.235.86.11:443 ag.gbc.criteo.com tcp
FR 185.235.86.3:443 ag.gbc.criteo.com tcp
US 104.18.6.198:443 img.connatix.com tcp
US 51.8.64.151:443 h.clarity.ms tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 130.211.44.5:443 tpsc-ew1.doubleverify.com tcp
US 130.211.44.5:443 tpsc-ew1.doubleverify.com tcp
FR 142.250.201.162:443 pubads.g.doubleclick.net udp
US 130.211.44.5:443 tpsc-ew1.doubleverify.com tcp
US 130.211.44.5:443 tpsc-ew1.doubleverify.com tcp
US 130.211.44.5:443 tpsc-ew1.doubleverify.com tcp
US 130.211.44.5:443 tpsc-ew1.doubleverify.com tcp
FR 185.235.86.59:443 gem.gbc.criteo.com tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
GB 2.18.109.123:443 px.moatads.com tcp
FR 185.235.86.14:443 ag.gbc.criteo.com tcp
US 104.18.6.198:443 img.connatix.com tcp
FR 185.235.86.11:443 ag.gbc.criteo.com tcp
FR 185.235.86.75:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 vid.connatix.com udp
US 104.18.6.198:443 vid.connatix.com tcp
US 104.18.6.198:443 vid.connatix.com tcp
US 51.8.64.151:443 h.clarity.ms tcp
US 8.8.8.8:53 discord.gg udp
US 162.159.134.234:443 discord.gg tcp
US 162.159.134.234:443 discord.gg tcp
SG 8.219.48.146:443 middledata.ldplayer.net tcp
US 8.8.8.8:53 discord.com udp
US 8.8.8.8:53 234.134.159.162.in-addr.arpa udp
US 162.159.136.232:443 discord.com tcp
FR 185.235.86.6:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 ad.ldplayer.net udp
US 8.8.8.8:53 en.ldplayer.net udp
US 8.8.8.8:53 cdn.ldplayer.net udp
CZ 65.9.95.53:443 ad.ldplayer.net tcp
GB 163.181.57.234:443 cdn.ldplayer.net tcp
GB 163.181.57.234:443 cdn.ldplayer.net tcp
GB 163.181.57.237:443 cdn.ldplayer.net tcp
SG 8.219.48.146:443 middledata.ldplayer.net tcp
GB 163.181.57.234:443 cdn.ldplayer.net tcp
US 8.8.8.8:53 232.136.159.162.in-addr.arpa udp
US 8.8.8.8:53 53.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 234.57.181.163.in-addr.arpa udp
US 8.8.8.8:53 237.57.181.163.in-addr.arpa udp
US 8.8.8.8:53 advertise.ldplayer.net udp
GB 163.181.57.234:443 cdn.ldplayer.net tcp
GB 79.133.176.235:443 advertise.ldplayer.net tcp
GB 163.181.57.234:443 cdn.ldplayer.net tcp
US 8.8.8.8:53 235.176.133.79.in-addr.arpa udp
US 8.8.8.8:53 res.ldplayer.net udp
FR 185.235.86.62:443 gem.gbc.criteo.com tcp
FR 185.235.86.58:443 gem.gbc.criteo.com tcp
GB 79.133.176.235:443 res.ldplayer.net tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
SG 8.219.48.146:443 middledata.ldplayer.net tcp
GB 79.133.176.235:443 res.ldplayer.net tcp
FR 185.235.86.71:443 gem.gbc.criteo.com tcp
US 8.8.8.8:53 encdn.ldmnq.com udp
FR 185.235.86.25:443 ag.gbc.criteo.com tcp
FR 185.235.86.58:443 gem.gbc.criteo.com tcp
FR 185.235.86.25:443 ag.gbc.criteo.com tcp
CZ 65.9.95.96:443 encdn.ldmnq.com tcp
US 8.8.8.8:53 cdn.discordapp.com udp
US 162.159.135.233:443 cdn.discordapp.com tcp
US 8.8.8.8:53 233.135.159.162.in-addr.arpa udp
GB 79.133.176.235:443 res.ldplayer.net tcp
FR 185.235.86.24:443 ag.gbc.criteo.com tcp
GB 79.133.176.235:443 res.ldplayer.net tcp
GB 79.133.176.235:443 res.ldplayer.net tcp
CZ 65.9.95.53:443 ad.ldplayer.net tcp
CZ 65.9.95.53:443 ad.ldplayer.net tcp
US 51.8.64.151:443 h.clarity.ms tcp
GB 79.133.176.235:443 res.ldplayer.net tcp
GB 79.133.176.235:443 res.ldplayer.net tcp
US 8.8.8.8:53 www.ldplayer.net udp
GB 163.181.57.234:443 www.ldplayer.net tcp
GB 163.181.57.236:443 www.ldplayer.net tcp
CZ 65.9.95.96:443 encdn.ldmnq.com tcp
US 8.8.8.8:53 play-lh.googleusercontent.com udp
FR 216.58.214.182:443 play-lh.googleusercontent.com tcp
FR 216.58.214.174:443 www.youtube.com udp
US 8.8.8.8:53 alliance.ldplayer.net udp
US 8.8.8.8:53 cdn.ldplayer.net udp
FR 185.235.86.75:443 gem.gbc.criteo.com tcp
CZ 65.9.95.24:443 alliance.ldplayer.net tcp
US 8.8.8.8:53 c.pki.goog udp
FR 216.58.214.67:80 c.pki.goog tcp
NL 178.250.1.11:443 dnacdn.net tcp
US 8.8.8.8:53 encdn.ldmnq.com udp
US 8.8.8.8:53 i.ytimg.com udp
FR 172.217.20.214:443 i.ytimg.com tcp
US 172.67.70.36:443 cmp.setupcmp.com tcp
CZ 65.9.95.48:443 encdn.ldmnq.com tcp
CZ 65.9.95.48:443 encdn.ldmnq.com tcp
CZ 65.9.95.48:443 encdn.ldmnq.com tcp
CZ 65.9.95.48:443 encdn.ldmnq.com tcp
US 8.8.8.8:53 o.pki.goog udp
FR 216.58.214.67:80 o.pki.goog tcp
CZ 65.9.95.48:443 encdn.ldmnq.com tcp
FR 172.217.20.194:443 googleads4.g.doubleclick.net udp
US 8.8.8.8:53 67.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 24.95.9.65.in-addr.arpa udp
US 8.8.8.8:53 214.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 48.95.9.65.in-addr.arpa udp
GB 18.245.250.165:443 aax.amazon-adsystem.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
NL 147.75.81.235:443 sync.a-mo.net tcp
US 172.67.68.162:443 prebid-stag.setupad.net tcp
US 8.8.8.8:53 prg.smartadserver.com udp
NL 185.106.140.18:443 rtb.adxpremium.services tcp
US 35.186.253.211:443 rtb.openx.net udp
NL 185.184.8.90:443 creativecdn.com tcp
DK 37.157.3.20:443 adx.adform.net tcp
US 104.22.52.173:443 cdn.hadronid.net tcp
NL 89.149.193.80:443 prg.smartadserver.com tcp
US 8.8.8.8:53 static.doubleclick.net udp
FR 172.217.20.196:443 www.google.com udp
US 8.8.8.8:53 yt3.ggpht.com udp
US 8.8.8.8:53 apien.ldplayer.net udp
US 104.18.31.49:443 stpd.cloud tcp
FR 142.250.74.234:443 maps.googleapis.com tcp
GB 99.86.114.121:443 apien.ldplayer.net tcp
FR 142.250.74.230:443 static.doubleclick.net tcp
FR 216.58.213.65:443 yt3.ggpht.com tcp
GB 79.133.176.235:443 res.ldplayer.net tcp
US 8.8.8.8:53 apien.ldmnq.com udp
GB 13.224.132.126:80 apien.ldmnq.com tcp
FR 185.235.86.11:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 id.hadron.ad.gt udp
US 104.22.5.69:443 id.hadron.ad.gt tcp
NL 178.250.1.11:443 dnacdn.net tcp
NL 178.250.1.7:443 ssp-sync.criteo.com tcp
DK 37.157.6.233:443 c1.adform.net tcp
GB 13.224.132.126:443 apien.ldmnq.com tcp
CZ 65.9.95.53:443 ad.ldplayer.net tcp
CZ 65.9.95.53:443 ad.ldplayer.net tcp
US 8.8.8.8:53 80.193.149.89.in-addr.arpa udp
US 8.8.8.8:53 234.74.250.142.in-addr.arpa udp
US 8.8.8.8:53 121.114.86.99.in-addr.arpa udp
US 8.8.8.8:53 230.74.250.142.in-addr.arpa udp
US 8.8.8.8:53 65.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 69.5.22.104.in-addr.arpa udp
GB 79.133.176.235:443 res.ldplayer.net tcp
US 8.8.8.8:53 play.google.com udp
FR 142.250.201.174:443 play.google.com tcp
FR 142.250.201.174:443 play.google.com tcp
FR 142.250.201.174:443 play.google.com tcp
GB 163.181.57.234:443 cdn.ldplayer.net tcp
FR 142.250.201.174:443 play.google.com udp
NL 89.149.193.80:443 prg.smartadserver.com tcp
NL 185.106.140.18:443 rtb.adxpremium.services tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 id5-sync.com udp
NL 108.177.127.84:443 accounts.google.com udp
US 8.8.8.8:53 a744dad9627fa991cdd97453910a5715.safeframe.googlesyndication.com udp
NL 108.177.127.84:443 accounts.google.com tcp
FR 172.217.20.193:443 a744dad9627fa991cdd97453910a5715.safeframe.googlesyndication.com tcp
DE 162.19.138.120:443 id5-sync.com tcp
DE 162.19.138.116:443 id5-sync.com tcp
DE 162.19.138.120:443 id5-sync.com tcp
GB 13.224.132.126:443 apien.ldmnq.com tcp
FR 185.235.86.25:443 ag.gbc.criteo.com tcp
FR 185.235.86.58:443 gem.gbc.criteo.com tcp
CZ 65.9.95.53:443 ad.ldplayer.net tcp
CZ 65.9.95.53:443 ad.ldplayer.net tcp
FR 185.235.86.2:443 ag.gbc.criteo.com tcp
FR 185.235.86.65:443 gem.gbc.criteo.com tcp
FR 185.235.86.63:443 gem.gbc.criteo.com tcp
CZ 65.9.95.53:443 ad.ldplayer.net tcp
FR 185.235.86.7:443 ag.gbc.criteo.com tcp
FR 185.235.86.58:443 gem.gbc.criteo.com tcp
CZ 65.9.95.53:443 ad.ldplayer.net tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 27304926d60324abe74d7a4b571c35ea
SHA1 78b8f92fcaf4a09eaa786bbe33fd1b0222ef29c1
SHA256 7039ad5c2b40f4d97c8c2269f4942be13436d739b2e1f8feb7a0c9f9fdb931de
SHA512 f5b6181d3f432238c7365f64fc8a373299e23ba8178bcc419471916ef8b23e909787c7c0617ab22e4eb90909c02bd7b84f1386fbc61e2bdb5a0eb474175da4bd

\??\pipe\LOCAL\crashpad_1172_RBTUBWYOQKSYUJUD

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 9e3fc58a8fb86c93d19e1500b873ef6f
SHA1 c6aae5f4e26f5570db5e14bba8d5061867a33b56
SHA256 828f4eacac1c40b790fd70dbb6fa6ba03dcc681171d9b2a6579626d27837b1c4
SHA512 e5e245b56fa82075e060f468a3224cf2ef43f1b6d87f0351a2102d85c7c897e559be4caeaecfdc4059af29fdc674681b61229319dda95cb2ee649b2eb98d313e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6874814a6ec76a4103a02de03658900b
SHA1 af63ffbfb86d53ce770cbf99ddc4f4f1694a8032
SHA256 5916456485fe23335507a8276c1cf8baac661dfb44e126235348c94efded3095
SHA512 1cf1c7b961127228de13ef45dfbf497bf24898febdc5841c4dda1dafa8ec45dfadef5fdcd9a0a56135e3d74206279d66cdad964e5d1be392895ecefcc391ae2c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 165512dfb79a9c7d54976dc1f05245de
SHA1 1fb73a18823f701808adfd46c5cf79cdec2e0103
SHA256 f264510a1f5197359579c52aacad49a291347a9b0c019d8434ec6e35e8c69563
SHA512 2de9f64f57bcbcb8121bca14d19382ada70a16632b47ef63499579f73474cd25c24d344fed705a0cfa32aeee1211229cfdec2d9358734b24a40589f2d06c245d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6f530b6ebe39c9c6511614f7ca1c21e3
SHA1 7e5c2930a656be5c8ae5ceb59ea6c6a446c479c0
SHA256 8e1a56e4e4e2047968a5a041a0284dc09c2ded8f81fb92d903498e13d0b7bfdf
SHA512 c27a62d7e363e5dbba0c2827b195db96466c56b40b6b68fb7237120dddf63bfe6480048fee60c9e76bfd0cb4ec5f0abd29223f71367c8cac84660a1a642cc7a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe5807cb.TMP

MD5 152427b0bd3481a444c1a809a50d1d47
SHA1 4e3127445d038808274945412af913e272adc894
SHA256 5cefd77b25573c5a9561ed57eb7dcdafbd707002a59dd4309fb64e7195e59e0d
SHA512 43b7af42da5e2a701d74138a6020b7e236317fc0f4736db5823d7c186508db89d2bf36c83ded312eadacb6da8992cf4be5b503b9ff2c60afbf23bb4fe8ce7e96

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c723ffabfbfd1dc1f336f4aa6337dd9f
SHA1 afb8148b874dc993436e1f13d2836739e8968189
SHA256 2f44dd4680076163565f9d727eb25f6db6180e4af6fd732a94ef8c5e75a35d38
SHA512 f0a1003d092253e0c5c5c300757e1c200a659295fb68a70a364eed601bfb9c0bbdf08261bc7831a2c738d876c99b6db5e049612cfdf87fb62342c7ce37f7b8b7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fe44ec971f6ae4df6529129af58b6e1c
SHA1 4e3e383e278496af53e8ce628dd01825a7b6e6e5
SHA256 8684eb1bdfdfdf68d5996ba4f7d9f70b5ff93260b646e5832cf2c1ecd87ad692
SHA512 635d12d4609b5d8895c5c2d714ab453fa42fb54d79ff08be0b1be1a5a2e345bee40e77272d03c0c7f8471daf1f175e3b060eec4e5a282c0d6ce426e07d3b37f3

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 14be075cd785bbbdef1cb611a825c854
SHA1 3afe54fddf5631e9019e9fc06d5e927c745e871b
SHA256 6f8a9809d8c5092739192bd4433cbb64bdb91ab9bd365a5c12030dc297f6acdb
SHA512 58d294a24a9307fb26e20e9db837e05e8e9a8f7ddeda293a29c7d9fe3f9fc5641cfaaa7329e5e88379d60d2b18f9dbe44b8d2177e0021c59960021ec6d119c68

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c56aef77d4c698f713bd952ca5f81dc7
SHA1 98abeb9cb9db8dc3a586bec21655be792bb5b6a3
SHA256 d7d5e8cff164e7adc9cb51d46403ec4de49b2bc5ef480b826fae5b4937ff78e5
SHA512 0fe819c98408e728609675a9fdbdd39717c280e884a2dbb052df53f336dc8ccbcb4d3ba2e4863e47ee8d713765d1d6a24013b0f8ef948b1e71d7a298a2b0a0c4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 733d6a408d6520e7f8c30bbd1416bc26
SHA1 89a0049d1faf9059dbc68f5924d154dd28ace193
SHA256 1eae3bbb0429c90f6a1952ae9ab38e6d3cf1e57e66d810eec75b093c508acbec
SHA512 f171bfdd3c49a76d4715fb146144973bd998991b8f83566625f65789398fe02944994ece4b9b41e8969cffacbe82dfb4a05f68add7e655439a84a5fb0e484b74

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 7ebe6aaebafbe4a411162873bc58a1c4
SHA1 fc092b5ded4561ce14dda4dd795d677ad112dd89
SHA256 25a3e9960cce421ce3f14edef69fe7c258abaa3d6fd8236a5fcabf5ba902a311
SHA512 1f56daeede3f26e49103265ca7837945e554466368a54b58c21a2f98d6281211f6be67533605b685eb6dcdb9eaae64be07f161ac4a2c2ae6a31c210f86c69934

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 5dd55ce62ef92f04eabb5e3fd660213f
SHA1 f43ddd634adf9cbbcc308c19e3f248828523594e
SHA256 02ecd52ed1ed2e536fc1edbc3af9de7aef9ccd68e2a1939fc1e402edc7016edc
SHA512 b66d1233b14d7d3dcdd61143ce098a82785ff71fed3f8a797c9030292566c75bd01ce34311e7f41c878cd0a0cbefe5cfe04acf0eb6aec86a0e11ad332aed65c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a146c6549d8703f13cd827555f8ccc8b
SHA1 55984db60135c2b8f3cb13d5b07b76f09601f38d
SHA256 22b7c5b5131201818be30ef6d11736472569df1f98f3c569ed94e71d10a24048
SHA512 a867281dffcc6354bc85326399a812953b964d6901f753180ae3301fcbe1bcca0be11faacb9b553869dbd8912a76d4fc2982cf2aa7b71064fef04a52425eaf54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 605416a3886e3f4425bc895aadcbcb52
SHA1 91a0de13f27d92a3c6df22b3679b817b7ba30d4c
SHA256 2ec6e4b40c0d585cb2ad0bbe327e89b7e20d12d1d0bea33b3204955f7fe04788
SHA512 34c2808f18d62b5ae2defaaf65f9afcf5d44c71996a96c744da2267ce902e3a089c480804dd9519f763dd899989918deef3ea366f3af764ea63469fb7c648375

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 86f0cd71f3edd1c2bcf4a759782b8497
SHA1 a85d69d2afb89ffd637dd961eacb901c4f0afdb3
SHA256 add5df5a0af66eff75159199bf3ee2921c17a0098614db2c71d866d38dc1132a
SHA512 c1f82063ef61fe1d1038f3e9c2802478571f468b686dbf9ba55a546993053b8bdad6d9de22f19ad666cd8897236d23501940f40b65c5a7b25808220bd357d853

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6a0debeaccee6f960f2f2334065df0cd
SHA1 de9efbc11e3539f7db2212e0600d426d63a14461
SHA256 027a97aaa219378833ffbc043626838553927936454bacdc2a42e9805415027f
SHA512 8cdb3d329908a485ab66ed86b31817081bcededc86b450b570147f29a0afd5b9b9fec847950c9319911c2a903c8ccc77be62ca4d9f65f8c7862282697bc2d425

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 622e165758945a0efa9bf2b98da36336
SHA1 382343fb3a958ad6ec5398b84f6e33e14d2cc02c
SHA256 7dd522216454816be791f8acd2b96c7b77ccff77e317229f8c01e119ff75393b
SHA512 bc20e60faed7b9f2620f33a4ca30a3b5baa12e33bb54aedf3b2b8c75665cc54203d0b0a7a7aea4de641dfe712d45f5dba657683475b3cd506c77f318fc5c428a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c371b71100eff32ebd91a4e5ae8b185e
SHA1 33914d3e0d88323f5eb3685b30bab716d7aef538
SHA256 037eea4ea4f686ce54fd6228a7aebbae3ca4891703d4a45c39fedf05e40b8008
SHA512 d2ba8562aea57e351bbf100adc8af65f69e62bedbef56fa2faabd2af7e8bc6cd1810b745dfb0888d87f22c2a0ab63589d18e270dbaae12978d2ca406d2cac085

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006a

MD5 588ee33c26fe83cb97ca65e3c66b2e87
SHA1 842429b803132c3e7827af42fe4dc7a66e736b37
SHA256 bbc4044fe46acd7ab69d8a4e3db46e7e3ca713b05fa8ecb096ebe9e133bba760
SHA512 6f7500b12fc7a9f57c00711af2bc8a7c62973f9a8e37012b88a0726d06063add02077420bc280e7163302d5f3a005ac8796aee97042c40954144d84c26adbd04

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 fdf09c3c067041ffdefcc9e1bdea9718
SHA1 e31cf28187466b23af697eedc92c542589b6c148
SHA256 144754d90b3eaad27d8a11c86faadb24da4ddc251bead8e43b9ed515fafb84da
SHA512 9e32b294cfc17fd52fbdd62732571f4ee57dc0308d62af476331887d0e2446b483ceac06ba4617cfbb1c347d771c0f7ea12108bc384e93f69b180c7ca1a92268

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a7257c467ec864ec0dbeaabdb961a50c
SHA1 dcc3858fdb1de0a85e98f8b348b433a6fc20acec
SHA256 1a10ba1055079c32867092de42b6f50ba2f8148fbf72e4347933805b75189494
SHA512 d1c17337d220d77b6f26ec5d8edc3db8235ee02d5c93c212b15d10619c85dd515ddbb1962c75aff78bf5e64429de4b47c895c8da871e45371823f9cba3cbfa68

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3cc5401d91f409963c3e4ffb8686e021
SHA1 bf07188b34f2a035b2a8db8b483d0abb856a12bf
SHA256 445f8e6f4d61f214d912e645a30f6651b05fada04402d9c1192f3f78fddab122
SHA512 971d29c06693567cf40ec59c2c19b65e54986043f7c77951e428b97a5ead9fc8e7a89e44d3f98671b91c18dcb35971e6676659eee671c49d990d9bceb4004091

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 605296676a91e2ea7b8135d7a8b39f6d
SHA1 8111c8a29f1a838fe3b2c4ee9ea624cb6bd1c6ad
SHA256 5ea5fbc617e9686529fabd8db08a78c55cd50e0e4b09cac0d8307f7fc2d6e178
SHA512 a60db4761e4e429741e70fdd868d48c1391b098ebf3a7b90e3b2021f2f0ecfeb62eb2a1c1574b7d1428aa6429475b9e29506d233f3b9a7038685cb0770804329

C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe

MD5 3191d6165056c1d4283c23bc0b6a0785
SHA1 d072084d2cac90facdf6ee9363c71a79ff001016
SHA256 cbd127eca5601ef7b8f7bec72e73cf7ae1386696c68af83a252c947559513791
SHA512 ac0fa1c6e8192395ec54f301bc9294c2a13cb50698d79d1ca32db9d4deb4852e7607032733d721bc5c9fd8d1ce5610dd73b30b66e0302141377f263a3b7fa0f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 4f4fdda5bfb370566ccc0c56a138a24f
SHA1 ae6a76694c844c79769c139eb3d7c5a5be9c160c
SHA256 2638fdf6d0056d123f8e6311cbd5e97deb09136d625adb7a396f4686ba1a9bc6
SHA512 c70c8bdf7cb076cde9b7b2decd9049f513fbcdc8dc182b69957d6f2951c4c2ac13e50337fa0dfff4b4ca2f0d3f6a142cd4dfca514dd2d928b13dcbe44e9dcf5a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d68fb03e88ace5ed7399f3234ff8c2dc
SHA1 d193a4446c99dc7bdb5e5374f71c6b5248b165ff
SHA256 9383d9a9c32b48ca35243ff5a779cb8de042c4171f76bccf7741fad73c0299f4
SHA512 77e101d998324b68ec8391b31b8008366ec44dd421920d4786121e72937d044a17ba51e83c510160b0cfdf8b3d78f0d25ade7f476f4f12cbf38b7ec0de08d2dd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f8f1ba9cc964593b450d8f8bccb7a120
SHA1 4bd48d8d5e700e95a2c551b9e1a86e8185dbcd84
SHA256 ac91be346968c8dbbab6c87b477c95dcf4862ccb5e86047154ec8d27b628fdab
SHA512 6ae950e1b394d3ad99c40b45cb658ad466cfc5e35e7e6a35073e3e1af92abf1bc4d2b84075edde9e54050c32c1c4c407e7c71fb1e18523582eea1489cca7934a

C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe

MD5 9f1edaf7fec140c4fbf752bceb8faee9
SHA1 446e908ae656e01c864606d2cef06ed8abd96fb3
SHA256 810a386924e8aeb9ad6a432067a96b9af05b2070b4a034b28c6d715d99740666
SHA512 2a97bdf30878cabc8460b26baa810fce2f06e649a98937c4112e674ddec24a3cab259b820fd6a382a11cb7d8167b33ebe28ae7e10338a283b299b9c5a4951f0e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 082d212aeb92178bbf74f0d2e36e871a
SHA1 28f82bff46024b750c62958dedb229ec2aa0869c
SHA256 f257e3cd7747a76a4f94c3850b94be677dcf1d6dc23b9564915ba585f6353aba
SHA512 2b1e2035fd7d7ca5ef581ac24bdf0d2175aa91f45bc6422ca251ff07e66ab4b9cf8a71b865501ebb3fab8d8a183f4ecf90e3b4184804c2dd3dd4da5930403b85

C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\576e1c153e9a4c8db9cb845a7679bfcc

MD5 576e1c153e9a4c8db9cb845a7679bfcc
SHA1 7fa5235289c1eb038774cdcf30be21cb72771201
SHA256 da54941bc273cb5ea3c50a3df7983f6560114d0e9f6fe196a2077e3810f561dd
SHA512 a4d956c4c860ba9b652647c4fd94ba0a617d1ec3436a8fe267292d36b38805acc4f484aa65e9c45e20c10536365a13645d25acbdc4c23e7506829a6f603820af

C:\Program Files (x86)\Roblox\Versions\version-6fdcfe060c6440cd\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdate.dll

MD5 965b3af7886e7bf6584488658c050ca2
SHA1 72daabdde7cd500c483d0eeecb1bd19708f8e4a5
SHA256 d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19
SHA512 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdateCore.exe

MD5 c044dcfa4d518df8fc9d4a161d49cece
SHA1 91bd4e933b22c010454fd6d3e3b042ab6e8b2149
SHA256 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2
SHA512 f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_bg.dll

MD5 8375b1b756b2a74a12def575351e6bbd
SHA1 802ec096425dc1cab723d4cf2fd1a868315d3727
SHA256 a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105
SHA512 aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_ca.dll

MD5 39551d8d284c108a17dc5f74a7084bb5
SHA1 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884
SHA256 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07
SHA512 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_bn-IN.dll

MD5 a94cf5e8b1708a43393263a33e739edd
SHA1 1068868bdc271a52aaae6f749028ed3170b09cce
SHA256 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c
SHA512 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_bs.dll

MD5 e338dccaa43962697db9f67e0265a3fc
SHA1 4c6c327efc12d21c4299df7b97bf2c45840e0d83
SHA256 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04
SHA512 e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_bn.dll

MD5 7dc58c4e27eaf84ae9984cff2cc16235
SHA1 3f53499ddc487658932a8c2bcf562ba32afd3bda
SHA256 e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98
SHA512 bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_az.dll

MD5 7937c407ebe21170daf0975779f1aa49
SHA1 4c2a40e76209abd2492dfaaf65ef24de72291346
SHA256 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9
SHA512 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 2929e8d496d95739f207b9f59b13f925
SHA1 7c1c574194d9e31ca91e2a21a5c671e5e95c734c
SHA256 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df
SHA512 ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_cs.dll

MD5 16c84ad1222284f40968a851f541d6bb
SHA1 bc26d50e15ccaed6a5fbe801943117269b3b8e6b
SHA256 e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b
SHA512 d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_cy.dll

MD5 34d991980016595b803d212dc356d765
SHA1 e3a35df6488c3463c2a7adf89029e1dd8308f816
SHA256 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e
SHA512 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_da.dll

MD5 d34380d302b16eab40d5b63cfb4ed0fe
SHA1 1d3047119e353a55dc215666f2b7b69f0ede775b
SHA256 fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f
SHA512 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_de.dll

MD5 aab01f0d7bdc51b190f27ce58701c1da
SHA1 1a21aabab0875651efd974100a81cda52c462997
SHA256 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c
SHA512 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_el.dll

MD5 ac275b6e825c3bd87d96b52eac36c0f6
SHA1 29e537d81f5d997285b62cd2efea088c3284d18f
SHA256 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0
SHA512 bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_en-GB.dll

MD5 d749e093f263244d276b6ffcf4ef4b42
SHA1 69f024c769632cdbb019943552bac5281d4cbe05
SHA256 fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e
SHA512 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_es.dll

MD5 9db7f66f9dc417ebba021bc45af5d34b
SHA1 6815318b05019f521d65f6046cf340ad88e40971
SHA256 e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819
SHA512 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_et.dll

MD5 b78cba3088ecdc571412955742ea560b
SHA1 bc04cf9014cec5b9f240235b5ff0f29dbdb22926
SHA256 f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085
SHA512 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_eu.dll

MD5 a7e1f4f482522a647311735699bec186
SHA1 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd
SHA256 e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4
SHA512 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_fa.dll

MD5 cbe3454843ce2f36201460e316af1404
SHA1 0883394c28cb60be8276cb690496318fcabea424
SHA256 c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59
SHA512 f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_es-419.dll

MD5 28fefc59008ef0325682a0611f8dba70
SHA1 f528803c731c11d8d92c5660cb4125c26bb75265
SHA256 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d
SHA512 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_fi.dll

MD5 d45f2d476ed78fa3e30f16e11c1c61ea
SHA1 8c8c5d5f77cd8764c4ca0c389daee89e658dfd5e
SHA256 acf42b90190110ccf30bcfb2626dd999a14e42a72a3983928cba98d44f0a72e2
SHA512 2a876e0313a03e75b837d43e9c5bb10fcec385fbb0638faa984ee4bb68b485b04d14c59cd4ed561aaa7f746975e459954e276e73fc3f5f4605ae7f333ce85f1b

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_fil.dll

MD5 7c66526dc65de144f3444556c3dba7b8
SHA1 6721a1f45ac779e82eecc9a584bcf4bcee365940
SHA256 e622823096fc656f63d5a7bbdf3744745ef389c92ec1b804d3b874578e18c89d
SHA512 dbc803c593ae0b18fd989fdc5e9e6aee8f16b893ae8d17e9d88436e2cd8cae23d06e32e4c8a8bf67fc5311b6f2a184c4e6795fed6d15b3d766ef5affc8923e2f

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_fr.dll

MD5 64c47a66830992f0bdfd05036a290498
SHA1 88b1b8faa511ee9f4a0e944a0289db48a8680640
SHA256 a9b72fcb3bdb5e021b8d23b2de0caeca80ddc50420088b988a5b7503f2d7c961
SHA512 426546310c12aeb80d56e6b40973a5f4dffef72e14d1ac79e3f267e4df2a0022b89e08bba8ab2ffa24f90b0c035a009bed3066201e30fe961d84ed854e48f9c5

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_fr-CA.dll

MD5 b534e068001e8729faf212ad3c0da16c
SHA1 999fa33c5ea856d305cc359c18ea8e994a83f7a9
SHA256 445051ef15c6c872bed6d904169793837e41029a8578eaf81d78a4641ef53511
SHA512 e937d2e0f43ade3f4a5e9cdeb6dd8c8ad8b5b50a7b6b779bda727a4fe1ced93abd06720395cc69a274ce3b0f7c6b65e1eba1ecf069db64edb80d007fbb4eedbb

C:\Program Files (x86)\Microsoft\Temp\EU475B.tmp\msedgeupdateres_ga.dll

MD5 3b8a5301c4cf21b439953c97bd3c441c
SHA1 8a7b48bb3d75279de5f5eb88b5a83437c9a2014a
SHA256 abc9822ee193c9a98a21202648a48ecd69b0cb19ff31c9bbf0c79dab5f9609b0
SHA512 068166cfdf879caf4e54fe43c5265a692fcaf6a9dcbf151335fd054bbec06260bc5ed489de6d46ca3fc0044bc61fa1468fea85373c6c66349620618ee869383a

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 92a640703988c8c291f3dcf60de0ac15
SHA1 01d58e2e300d3135cc138929ba6ee75e84d33491
SHA256 64b56b1a0cef214f2700c556aea24f801dbd980189df5dd761925822f76e8909
SHA512 74b17ac5a71449378d52ead4eaf47d55bfd3532fc577a6134770b16352e55046e4b5da5668eae599292fb488ed546d33192cf63318d3c1282604285529879e1f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 74995338f86ddd5b7277a46b8a63b3bf
SHA1 3a6bb5ca0f51c5326d7d54b09ec6fa77f711c5b3
SHA256 0d731b43bd535a296d24128269f989809ba099421d1ef867b41e5c1ea531147f
SHA512 2168148038d1dfcb10e54b229e43210f4f222e2b22b73f8ca76aeae1e875f745bf8975995bf022b8eefbd1b1dc113e8f4c451ea7dc1adc7cb9f0a79f0873f514

memory/4228-1662-0x00000000000C0000-0x00000000000F5000-memory.dmp

memory/4228-1663-0x0000000073E30000-0x0000000074040000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 14386964503d567cd9140b131bf61b79
SHA1 a2c5702381f89f844877dd4a8bdbf70db1a0fff3
SHA256 8d2723f9fa19a7155402388d2c1d4879285295b1c9a4ef0996a68e5f575b9eb3
SHA512 0360fed829679116cf293f660d84abc9d700c44be73952cd2a8f99ee971193fc1f82e699aa86ecc45270cacaf185e372855ef64be9f31e57d7cbd036ceeaab62

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f82a7d957307c5b173beda354923ffbd
SHA1 3be0ac16d4625bb8557447942eef12bce05d9776
SHA256 1636c14ee7550633d6363448e3d9c61f2ce635fd84f25291a829a657f385d616
SHA512 17c0322ab04e8166427945ba905040c1c9e749b1a202c8ea3804e524da2cc90c47a4a904858d6b7be6b0e88608f93d97962d2c5f1955b70fc0ed4bd88e99a648

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 e1ac9b6c2ac45b6e9b380b0e62181421
SHA1 d949de4ab8d4a4ea2d2b466cd0a52b5d5a4a2de0
SHA256 696597638f8accf535bd5a93760991ef8bebdbb3527969cb02444e5be1ccff9e
SHA512 51e1ed92a737adaea434582ad68eac527b9f36e9051d16f595149f634b98672029b44cf646e11cd3d2d55c45fc62afaccfee6787f360cd5470fdbf98dca5b229

C:\Program Files\MsEdgeCrashpad\settings.dat

MD5 b1885e3fb0d83c74cb6362093ad3c873
SHA1 ad40585f792c72313e483cca132265019a5a6e33
SHA256 2322bf7603c568cc452832a950745c44e8eacddf5821072b84739557733b0b5b
SHA512 49913717dbc5342b0d5405dcb02d89e55af6be8bbd6c95a6d9965c5ff0546e8caae8433f3dccda190ecac5822695b8b4cd425d83532443e91f6d5e5c8b33dca7

memory/4228-1735-0x0000000073E30000-0x0000000074040000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 da6114823f9c313c53b1159ea17f3c7d
SHA1 6efadcab850e676367fb2e1a9878e43a6d21c582
SHA256 c1e9d88b2ad90a900a89f4671c243b51035bd30f8dd5b528ae2355fd966b6db6
SHA512 4a38215b29a7a6a5490e5ad5b5486786ac3490365cbec6caafcb4753484c3a12e2a7662115b2472022e80be7ed2e815211890cea383e827a3e7eca7d7cae2c34

C:\Program Files (x86)\Microsoft\EdgeCore\127.0.2651.98\Installer\setup.exe

MD5 527503f430c5fd4a542f8c0f163fde47
SHA1 6b4db644895df6c71b547d8b147ef3e327418f9d
SHA256 d1d9b6fa51141f58b95191c8a62cc5a4c9568ba4b70e3deba4e1929df9a97628
SHA512 ece940340ba2216966b6d4b28a950826b55f8987998c101c534331674376b148dfbfacaf5c78695944bf940dea07ed4887f9572e09c118e307752036679850b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5cb7cf6e816cdd57aaaf7666b534e514
SHA1 9107e81a2edb0064abfb297ce0a290dfc9d9960e
SHA256 b23bbe1a0766aaa916374e0a4bcff345ce1e6b6e31b300ad692227d944434f03
SHA512 f14dfc7353b3194d1c92db2126fbbbbd5b73f470243317afcf5cfd3d7bdc3db1241632af85bcf2c8b0006b330a11af778e888e17a5dee93edea1bfb72aeb4c0e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 75ae2795bc25a4299b360c0c373d3284
SHA1 6f184858f5281f6088c9d831bd7df276a27c101d
SHA256 c90ca45671b6986f8d0871f989ab17d0563e20860dc58af726a28c44f8f2c2ef
SHA512 aa02cece7990334a2b87e8431292fa11c5e93805a32f8ad5ddba7d2398ac7ccd22c16369fbb87bb08c492b7cf64de17c0d3075fed6e695ef0e480d5c61528c1c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5db4cafbfd393ea3dfcb8b264692b865
SHA1 24dcb1793c84b5b094bf4acc4bcef96b00918314
SHA256 e2c257df44d680b411cefa586bcc0e664b36e6e4e287bcfdf3ca8844ca584bdb
SHA512 42c5da44c66cb84371f765b6281de2f761395f2e12d3c4aa81a79264b573d5ff92e182954640b5e8b0b5b852b28e25f906b52a5bc0c4fc88f17d87bd3b05215c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3f6e3dce00c5f81a93153e85fff887db
SHA1 b1fdc1d49983ea9508cad14bc7da36008cc1210d
SHA256 a2b20517235c19dbe6595a6d615315f20e3954408702b53488678aeac2cf6145
SHA512 394caebc9aa7f7e97094b4b923aeb2d82dfbd197bbfb3939498437360b4c75bcd889075aa831b5c3ad6f8368d4e2df7e64b2c4e38dcfe650f0df87ece357f5be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 42885d112261f4cb808cb2299fe60f99
SHA1 bbc796b1e717c808027bea769c96bdaf721e6a7b
SHA256 5d89a46f74c0f3f7cf44e675a398888bf9a7cda8af707dc7094a5cf3c0242d6d
SHA512 b38985821cf888f16574cc061a42d399812ed29c0008760301b9578a6d36966e5a0fbc935498c909b3f98a4b5554486b58c2f07aba1862d3f11de076d808bf70

memory/4228-2115-0x00000000000C0000-0x00000000000F5000-memory.dmp

memory/4512-2132-0x00007FF978510000-0x00007FF978520000-memory.dmp

memory/4512-2136-0x00007FF978670000-0x00007FF9786A0000-memory.dmp

memory/4512-2141-0x00007FF978700000-0x00007FF978705000-memory.dmp

memory/4512-2140-0x00007FF978670000-0x00007FF9786A0000-memory.dmp

memory/4512-2139-0x00007FF978670000-0x00007FF9786A0000-memory.dmp

memory/4512-2159-0x00007FF975F10000-0x00007FF975F40000-memory.dmp

memory/4512-2180-0x00007FF9763A0000-0x00007FF9763C6000-memory.dmp

memory/4512-2179-0x00007FF9763A0000-0x00007FF9763C6000-memory.dmp

memory/4512-2178-0x00007FF9763A0000-0x00007FF9763C6000-memory.dmp

memory/4512-2177-0x00007FF976370000-0x00007FF976380000-memory.dmp

memory/4512-2176-0x00007FF976370000-0x00007FF976380000-memory.dmp

memory/4512-2175-0x00007FF976270000-0x00007FF976280000-memory.dmp

memory/4512-2174-0x00007FF976270000-0x00007FF976280000-memory.dmp

memory/4512-2173-0x00007FF976620000-0x00007FF97662B000-memory.dmp

memory/4512-2172-0x00007FF976620000-0x00007FF97662B000-memory.dmp

memory/4512-2171-0x00007FF976620000-0x00007FF97662B000-memory.dmp

memory/4512-2170-0x00007FF976620000-0x00007FF97662B000-memory.dmp

memory/4512-2169-0x00007FF976620000-0x00007FF97662B000-memory.dmp

memory/4512-2168-0x00007FF976600000-0x00007FF976610000-memory.dmp

memory/4512-2167-0x00007FF976600000-0x00007FF976610000-memory.dmp

memory/4512-2166-0x00007FF978390000-0x00007FF97839E000-memory.dmp

memory/4512-2165-0x00007FF978390000-0x00007FF97839E000-memory.dmp

memory/4512-2164-0x00007FF978390000-0x00007FF97839E000-memory.dmp

memory/4512-2163-0x00007FF978390000-0x00007FF97839E000-memory.dmp

memory/4512-2162-0x00007FF978390000-0x00007FF97839E000-memory.dmp

memory/4512-2161-0x00007FF9782E0000-0x00007FF9782F0000-memory.dmp

memory/4512-2160-0x00007FF9782E0000-0x00007FF9782F0000-memory.dmp

memory/4512-2158-0x00007FF975F10000-0x00007FF975F40000-memory.dmp

memory/4512-2157-0x00007FF975F10000-0x00007FF975F40000-memory.dmp

memory/4512-2156-0x00007FF975F10000-0x00007FF975F40000-memory.dmp

memory/4512-2155-0x00007FF975F10000-0x00007FF975F40000-memory.dmp

memory/4512-2154-0x00007FF975DA0000-0x00007FF975DB0000-memory.dmp

memory/4512-2153-0x00007FF975DA0000-0x00007FF975DB0000-memory.dmp

memory/4512-2152-0x00007FF975C90000-0x00007FF975CA0000-memory.dmp

memory/4512-2151-0x00007FF975C90000-0x00007FF975CA0000-memory.dmp

memory/4512-2150-0x00007FF976CA0000-0x00007FF976CB0000-memory.dmp

memory/4512-2149-0x00007FF976CA0000-0x00007FF976CB0000-memory.dmp

memory/4512-2148-0x00007FF976CA0000-0x00007FF976CB0000-memory.dmp

memory/4512-2147-0x00007FF976CA0000-0x00007FF976CB0000-memory.dmp

memory/4512-2146-0x00007FF976CA0000-0x00007FF976CB0000-memory.dmp

memory/4512-2145-0x00007FF976C80000-0x00007FF976C90000-memory.dmp

memory/4512-2144-0x00007FF976C80000-0x00007FF976C90000-memory.dmp

memory/4512-2143-0x00007FF976BF0000-0x00007FF976C00000-memory.dmp

memory/4512-2142-0x00007FF976BF0000-0x00007FF976C00000-memory.dmp

memory/4512-2138-0x00007FF978670000-0x00007FF9786A0000-memory.dmp

memory/4512-2137-0x00007FF978670000-0x00007FF9786A0000-memory.dmp

memory/4512-2135-0x00007FF978620000-0x00007FF978630000-memory.dmp

memory/4512-2134-0x00007FF978620000-0x00007FF978630000-memory.dmp

memory/4512-2133-0x00007FF978510000-0x00007FF978520000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6194a99434eb40eaf04f87ee20a867a5
SHA1 6de1148749a59e90e7a15cc994fe95f3214ac77c
SHA256 2550a703c2bcb5b0c3142bdf8f946024fe9d68a42def853140fed5ce24fb4095
SHA512 b1de12175ef6bb36c85c241cbbf728f199e61ced1e90e15cedb64cbee5e962bd3cee3a470433b063a8ff93f9767e6262a1aa8fcb8212373657d19cf250d0e44e

C:\Users\Admin\AppData\Local\Temp\nso942F.tmp\StdUtils.dll

MD5 c6a6e03f77c313b267498515488c5740
SHA1 3d49fc2784b9450962ed6b82b46e9c3c957d7c15
SHA256 b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
SHA512 9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 985b6b5d4f0f6742e16ab8adf03b2e6d
SHA1 17f6704474cb571438340c2908b220c80d1cfd10
SHA256 c15d379c7adcc0393fd1beb2b1ee3b4f7cc4c31744a05ed3ab5680fddcd4950b
SHA512 f20902c060dc96b4c68f06c4db1a8ad818df7d9863487569e3248aa36739d5d932c1950223ec52f4cf232e21a0c1f6ee3f11a4bc42fb0dc35d6fbfab3c686812

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 8b87745e13986dd256abbdc24bb4a5f7
SHA1 08b4af562b5823a663d39ac89a7bf809ebda0c5f
SHA256 2a9d6dff93cb946076bff855397f9bf0d9d5abd0cc6bdec8a93e52ee585fe9b8
SHA512 9f3e1d6e0908b0a111325af4bfd0c039039c9d40d618218ad66879d3ef617febb4563cfc6ad30265f65d97b1603dab0021a841124755441d7d49bb06c229e27c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 33f9842a699ea6e8a79780075cfb3ff1
SHA1 2cb50e442098b669f275d5b4b2c659c52733c569
SHA256 dcd3e724f321aa0a7603df10d3abb3286c8b3a78cf19a88f410f44c98d9b9399
SHA512 4b4bff15c56b0ed2429989311d6207da76f37de5f81e513bacb248545d396e4730ddc5226eb739606d72d176a2e8bd44f834e95fe38ea1ef56530e8fab682de0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ce967738b198aebe96ce693cc9434c65
SHA1 e01b3ee6f5462ae49f771e473d91ab83398484dc
SHA256 907778086d0cebc2ab13e59d1274a66d28d4f181d3ca60f05a7cd1fd50c46cbf
SHA512 0c3da6610736672d0d546f126695c26dce7d55b975a622c25777c645e7c4c30ac1e1995baa03ea66a563c292a936e188822551bdc4ba740489c1ae199a9c9744

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 72f79ac0c2963251889e2b7a8487d161
SHA1 d1424ef96686f5e505896da22f8a59d596343876
SHA256 859d782b426bfb699d96af6b8ad74d63c08a994d3a2cb437939d3d53438575bc
SHA512 a12f607347df208184df9c18c6b468934a39cb6e7811b1eb9c3f561f5397e039af90c5cec28ff56d700b8fbf4ba718c49f58c23df475c5941c5726864bae7672

C:\Users\Admin\AppData\Local\Temp\nsq3EB7.tmp\System.dll

MD5 0d7ad4f45dc6f5aa87f606d0331c6901
SHA1 48df0911f0484cbe2a8cdd5362140b63c41ee457
SHA256 3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
SHA512 c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

C:\Users\Admin\AppData\Local\Temp\nsq3EB7.tmp\UAC.dll

MD5 adb29e6b186daa765dc750128649b63d
SHA1 160cbdc4cb0ac2c142d361df138c537aa7e708c9
SHA256 2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08
SHA512 b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada

C:\Users\Admin\AppData\Local\Temp\nsq3EB7.tmp\license.html

MD5 2a55eef1dbfa31a5df65484d2cdfce8c
SHA1 f1b36d4cafdb2922bca1f4721cffc170fcd1b64c
SHA256 223f54604da92aa58886ef5467837077a76d6d5061ee701128f45a4fe8e60a96
SHA512 ec414f6aa58cd692bef59c4577502f97f56c0b7d53c8972bf6095691ca6e7601d8f07555ab69b18793767b1fac32c808a5d2731d33a4c352f732842648cb8b8b

C:\Users\Admin\AppData\Local\Temp\nsq3EB7.tmp\EmbedHTML.dll

MD5 c08431578109da597240a3cbaf65fd63
SHA1 687ef12f3db594332a3c9e679b8822eb9bed89e1
SHA256 ee95b019b9c8681be56038bf4a4455f74c4f83c287fbaded6b5aa7b5dcf4a38e
SHA512 8c8814a4c11ebe48be075e228477f394077efac04f2b7ffbc39339270d9a0b699f8398a17aa4cd4a0570c8f8c9e7de757facd30c326f1dde480a799542b07e8f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 845b325451695cc8e452c72ccd044ee6
SHA1 adfd212e31f2e7d364c205ed481ad852d87e0c9d
SHA256 a0d696f435f35f4cad923759ac6525475a948462f9ffd3a20aa382f594df0bec
SHA512 a7d18ca76b6ae636ec9391c82141077ee2accdf8888191d5193cbc3851ba194e7be8e776885f644d2f233cd329a7be4fdbfa77c2a5ef9c88e685fa734342fd28

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 be3d7f3e6b3d4af15ba6aeefd48c2173
SHA1 52fb310bb084314f2a3177b3252edd9287db21ac
SHA256 86034075336d7f59300ea116822e82024d75433c4ba8f02f1b44593abfe80066
SHA512 06beda37b9dcb2a031bad6506d9ac355df0c4aa2e59f57da03a739049ec295ff20e995464dd1ba4441c0555eb6455c376edff61d11a398f014e4c2ec88297494

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 863d58f6ba9db7e73981f73829c5fe79
SHA1 65388792b7f8575e2a76693f4c179338e28c186a
SHA256 0eaba83c8b616794afc4cc76b3e07258cc316b7c532d988e4e009378b99419df
SHA512 0815149a6a2f485bb253902c18019af8c143bf076a0e15c2fd2d3893be25bc59fb5af2ec85d7badb6c584366d1a6accf76c73b829656f848eb1f6a01387fc152

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 33c5516c1f4def602050ae87e7add221
SHA1 0aa82475f60001c09a7583b2cde5a14364a463eb
SHA256 a416cb6e10b2e28f6889bc21c7ffd47462932aa801a823ecaf7ae8c6dcf8fb04
SHA512 36642d14fb56c6adf45b4c929ea49c9e2636f75a7759d1db70421460deb17122494bfba6c918ccaea823465548f1bee5fb60bc7312883f29af4378f1e35a7233

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6ca7fb57292f8f93ed3be4662d55f7af
SHA1 e3d481184943ac186a89d052ff52ca33bb02e385
SHA256 1fbb2d2fbcf3421d579627bfd56e6f0dc80484294eba3f235e685c523861869a
SHA512 da1c469070e1471b18c6133533c4f495eb6d45a57c09c9192c639062d9b0ed0eeb08909d8607522626bcc3f2d456de9ba377a5477222c36dd4124b2a144f63b9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 984c54b11863fbf7290f55a8533f580f
SHA1 1ab07e1ff1cb0ecfaf33855ad487879ec41e924c
SHA256 6290310e3d29ce691d679391438c0b3d9eb02927fd44869f23cfacf871ce22ad
SHA512 e93af71e712bb60de251dde10faf5e520688f97d1fb3c72bd6f4d4a048ae716feddde647eb693fecaae318fa9a782dd3c865cb08d39a0679e38bfa23a44a3530

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5f40278f8bf5bfc8db3f00c4893cfb98
SHA1 b17a47bfe9b315e01dd06abec2e3c4d6174c08c9
SHA256 d594c079559fa4cdc81c64c0ea12a0a4847599540a02108b76545733f2474d7f
SHA512 b824fe63a83fe693fe3426869b1de98e9ed33d6a8f72f401eda43e191891ecf087df264cb4d13037f3081df903560d0370b9e5ef1fff114b445b30e310c0dc1b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 f2926f866e46742d547ec5b233693798
SHA1 1341b396e6992fcc1e3b5cd95f2e5c7c7f0847a3
SHA256 01d9e8175adc9fcf99402697413b6b34e14cc1b4bf2e93639cffdfb48073e81d
SHA512 87bda547c880fe4523839edb674e707c9ffef4301a1bdad90606be47ad6d110cd6be7785ec9d65c1849ae2126c6215142019f7d0d1cd3ba232b5bd4ccf69b151

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6cba10a2d994cfeb73229fc0aca859fc
SHA1 983e6fe9aa76c0f578376c33bfe471ac2fc4e171
SHA256 554f364b8bb8a182f2b34eca75982e40ca2df53c64c7cbe7a38dd3a0b2df0386
SHA512 b01d5eb0aafc394adf3c4bddbcbae04821156f6db5b2988e498c6d493040c8f5c518f0a3e2205251161f92ac9ce6a00a87b7f29db8da13a9468f0b5e12aa4530

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f727703857dccd25ed37559d4b87ada4
SHA1 a0d9c46cb557ff98a4672e6e61e32d276f5d34d2
SHA256 b423a7acf5cb076630fc6be82212936d110fece3df6ebd5ca73071530e0c9454
SHA512 c443da87f50a5ee96f232ee2215503b4bd3343be47189676b7fc6b2feb53ad1b9fb4555b8ac867bd5ce242fd4e64d50e06e1dc62afe45246dfaf25f7d7fd7f40

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ee

MD5 c3c0eb5e044497577bec91b5970f6d30
SHA1 d833f81cf21f68d43ba64a6c28892945adc317a6
SHA256 eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb
SHA512 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ef

MD5 a074f116c725add93a8a828fbdbbd56c
SHA1 88ca00a085140baeae0fd3072635afe3f841d88f
SHA256 4cdcda7d8363be5bc824064259780779e7c046d56399c8a191106f55ce2ed8a6
SHA512 43ed55cda35bde93fc93c408908ab126e512c45611a994d7f4e5c85d4f2d90d573066082cb7b8dffce6a24a1f96cd534586646719b214ac7874132163faa5f28

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f1

MD5 56d57bc655526551f217536f19195495
SHA1 28b430886d1220855a805d78dc5d6414aeee6995
SHA256 f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4
SHA512 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f2

MD5 2e86a72f4e82614cd4842950d2e0a716
SHA1 d7b4ee0c9af735d098bff474632fc2c0113e0b9c
SHA256 c1334e604dbbffdf38e9e2f359938569afe25f7150d1c39c293469c1ee4f7b6f
SHA512 7a5fd3e3e89c5f8afca33b2d02e5440934e5186b9fa6367436e8d20ad42b211579225e73e3a685e5e763fa3f907fc4632b9425e8bd6d6f07c5c986b6556d47b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f0

MD5 c79d8ef4fd2431bf9ce5fdee0b7a44bf
SHA1 ac642399b6b3bf30fe09c17e55ecbbb5774029ff
SHA256 535e28032abf1bac763bffd0ba968561265026803eb688d3cb0550ad9af1a0e8
SHA512 6b35d8b0d3e7f1821bfaeae337364ed8186085fa50ee2b368d205489a004cb46879efb2c400caf24ba6856625fe7ee1a71c72d2598c18044813ecde431054fb5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f4

MD5 b38fbbd0b5c8e8b4452b33d6f85df7dc
SHA1 386ba241790252df01a6a028b3238de2f995a559
SHA256 b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd
SHA512 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f5

MD5 771f4dc9c62dd576d8433571a857a40c
SHA1 7b4fecb308d4640cbac12494809d82426607122f
SHA256 5cb56ef854300e6c5be352cf1ffd360f4fdf272edf69ce95b9b3fd4c6473c3be
SHA512 ffc953bccd24128e7a04bcf64a17a50ba21e460efceac4308206eee9aee86a46d1a02a7cb7e3faa4f554c2ee12e8222acf281478651c1b70e06550ee5fb8b090

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1c1ff2c934cfc41a7bf98f03ce65654a
SHA1 a616efc59e72d037e29aa5b64fd36902bc0b8813
SHA256 1bcec5e84e57961a2b8fbe3a3fb13cb651fb30cdfc751eea79c42e61b39557d1
SHA512 c0bcefbe48c7407800b3c4d1803dee4417f939cd347cc1f822bce547eeeb63a33e9e61a4f92448e0fcdf4b2be4c7e8a939f920f665eff0fc6eeec1ed6c0d85a9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3ba02b5d22e28621f17196272e98f51b
SHA1 acfccea100a539b3d9c1b11414f5d7f322a58a53
SHA256 658fef724b1d5effd11674d5782a846413b4b718407cd7e755836be3c8298179
SHA512 e36ea6fbb5475cde7a29a32e097815939b1940d24fa06b30fa52efde9cdb0dc700ffd91c218aee143c8d2600e5a547d657a5abc87306076a8955ec5038e01cac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00014e

MD5 3e552d017d45f8fd93b94cfc86f842f2
SHA1 dbeebe83854328e2575ff67259e3fb6704b17a47
SHA256 27d9c4613df7a3c04da0b79c13217aa69992b441acb7e44bf2a7578ca87d97d6
SHA512 e616436f2f15615429c7c5c37de3990c3e86c5e1da7d75a0f524fc458b75d44a5be1a3648a628d63e1cf8aa062e08b538f2f2bc9c6a0b42157beb24f82c571d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c3efdefd531ce54f_0

MD5 0a577b29da90309aa4707d08b1f8b5a7
SHA1 513d97bd695b6045f41507510fafb6fbd517dacf
SHA256 04f33b9547c996b11407ea254074a0acb9f4eb9e5a662ae41d50137dab855124
SHA512 a2ef2be07ad4ee69fbb5feb277e4e87a169b2f5c79cefe4278fbd400c3db1bbc475b302da3fa6d4f543a2375bd7380d0bc4d0584d02c076e700f45d0f134bb7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a1a01d7e7f20b299_0

MD5 6bdf41a9d8d43d46cf90d5975e4a5853
SHA1 b52213f03477632bab525639aa032bc2d7a0e0c1
SHA256 8dc53b3b7d3b7811040bf5023061a31e0c6255faf04218108b829bc10b08f7ee
SHA512 354973a7b2d382dbd84cdef45684d14b9f417b5670e54ea5824a1ed2a51cca3549b45869fa8f3dd9a3b3fbc9b215ec994319fd66f9b35e598aadda078b55d3d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000150

MD5 bc02f243f64330412d857c6a0c9d2833
SHA1 02ae82c1d2843d386935fe6d58bf5a8e4f49fb96
SHA256 fde6ea4c577565a23caff104e2af87f3e52707bb986f6e540335fed152ff418a
SHA512 fe799326a6463494bf9d3e657026691976d9930c1459a280d129e6276a62557761f43894539b06ca63ee651870ee0c11b0b1cea6ad101fe0955317efec3bfe6d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000133

MD5 5be81d7ad6cc31905fc542da6f7c572e
SHA1 7e8aa144a7be977232b0fa8433cfdd422a1cdeb3
SHA256 7bce00c6824d69355bbbc48b3418183b4ebe106b6fab6d6c6884679a83e86054
SHA512 f5d3418399d2b20d1a7baef59b30810583d836ac82cc54d3181e5d21852fee36391e9d485b0832728070d0df4602df7d303aa76d55e0738a452184873a5a1831

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000135

MD5 67e30bbc30fa4e58ef6c33781b4e835c
SHA1 18125beb2b3f1a747f39ed999ff0edd5a52980ee
SHA256 1572e2beb45d2de9d63a7e7fe03c307d175b2b232bad2e763623dceb747729ba
SHA512 271d4a65d25b0a5d2ff2fe8f3925fc165d9b4345893abfd919061d78ffc5ffe8890ded35e41274ad8b860f06264b027cfea6030ec9411a4e03bc6d7cb4d4d228

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00013b

MD5 f1f9d0d81a2000c72fa05f980adc5b56
SHA1 e034e7ee8ef989abea10e0cbb09375135ef2cf94
SHA256 9450e220f6cd2edb5d1bb7294c55cdf8a66084020f72c07084ee153567b25b2e
SHA512 ea5699008201c6972890b6ca9e2f944bd9ca85e6255874618229a755cd9ac979f46ff0e17b47c028bb00cc3a5ee2f69eb7e4ed6fb581e7564b27f8029b72c733

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000138

MD5 bbb16ad53b5d797730e5664b78abfb94
SHA1 a4c10426c0dadc5d64a6ebac06fbc1bed6b659bf
SHA256 60918f3ee3bb518957d624da8001bd87cd520fa4fb0c10d6ede57d07fd1f8f53
SHA512 2cc36481a211789008ae818f46c3cfe2c8c12280a75bcc52e0dd5613b19e038f491244b79364353b091dd79ea47909f73ae957baccfa68cbe370df96fb3000db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000134

MD5 d94bc6312be1f03120e78bea29582b7a
SHA1 89ced9cfd9606ab0218e4852d284670f8ef0f2be
SHA256 0d9a20cabc23b295d28cee1b72596c026e6a151fcc79c8c5efe1101afcb04f9c
SHA512 ffc3b68aef5913899b7edf92dc38593e24366a208a268797fe3699c8fe31093ad1ede5cc76e8a67f225f1ba169abfc0b189ae14f6a7b815df02d497c7aa1cfb7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000137

MD5 977c43bf9d26bf00358f9745f722d34b
SHA1 567aad5400a12ed351ae7c5528a502a8c1065c2e
SHA256 0b23700b63c6d8e8b13b70d7879baf132c4d488c45f11dabb78e9fb5c33545d7
SHA512 3d171aba55b8951db795e7d2669a2b8864b06781ebe30de4c2518526d270b9b9a9d7a99e328ffa946a7fd30bbdd505566300a9faaf1e7f853c841c2b0a9fc525

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000139

MD5 7651b1187bb58ac4c7be625337b35e5b
SHA1 307d969ef4137a66fe2793737dc1c546587c7f43
SHA256 0632850d01a46bc2f8c223155a4bf6c398b33596bb711e098440623f118c3968
SHA512 a81d2f768af155bdc642941404e7ddf95a2cea33c9374acb5fe32f6f5266e337fbef32f904551f61fcc9f9ab5a1c6a5ad130ab85b38bc2258e2f82c0ca1e9c7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000140

MD5 60debe8bdc4883f8e1e2db545b49bb35
SHA1 d38d5a3beb2b3aff1099e674f1bf37e69318eac4
SHA256 b90384b101dfa688d82d84e1134df3c1b31e3dedbe677750c97ae1dcfadd4e6b
SHA512 978dfaf0e9637f2c509ad5d978ad94a16fb0e4c289a03af842a20761b0d3c2168069c32bc66cf435559021a472cec9e35e54a3831ee51fe6e94ecc239f9d89c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00013d

MD5 92d3bdd34e42ad5c62fc314de53b422e
SHA1 4aa886876d1953ece76ded16badfc52ca4223ebf
SHA256 ad6d57a0a708233d3907abf42ef0ddef875494dd8f8b6df53ddbc2c21cddd097
SHA512 2730e9a332a85b43c0bfd1ff12f14cae1b0a967f97d73fef30b5c6cfe464fd3878b9e310dccdd609add776ae0844176bb605f82a65e1de81140aa6c62ca6fe2f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00013f

MD5 da7159b526a8f070c9a105c145c50ac9
SHA1 d4cbab86052563c02bc673a97f979f66f66c0d59
SHA256 da8e7139a7907651e7ba16e70b67747ed7475cf5128cd47d16842d54790054bf
SHA512 3f681ff0589677e34a126444988b3f563b31807396647f12702a5d983d486fa5db0be9863babf805a9514f916afa6e79de98a0f50c9559dd456288af965dc7c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000141

MD5 d70bf3a2cb9df0d41c8859f676d72e20
SHA1 1ab4cfc5f41016004a7699bd058863df097f074d
SHA256 6a5f36060d947e1fe705f6ad9a6ea78492f46c4d2200cee35800dfcdc611ad61
SHA512 078dba6f3d2a8e49c87dd1dc2ac2da0805c571d6de7d05e0f677304e5407f89325707dfe92c32d4e95634b9d349429f35a84772a8c1895788d2146736fe70c04

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000145

MD5 bf0b945495139fd6b5a6ba80e8586845
SHA1 cf45c151cee47646f23a5ecb009199b7f3071f0f
SHA256 22f80a4de0067ca7c2e0a63c70648909cd62c428518102a30c88f7ed45a38821
SHA512 3e600115cb373341b71f32d05938475ef3be9cbbea7e03a9a2f12157d540d2537ef4d6f0c862dc770fc9419621a608784351c2c9eed25b836b7937be77e2bf26

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000143

MD5 51dfa5cf26ab13a4298b5f933fb67225
SHA1 5c77dfc4897e8a2900e9aa725f81427dbd610b51
SHA256 20ae371268dcf000ff7168ee6e268977c30024b810b709618bc61efad33c034e
SHA512 24cffecfbb0aaaeb5b0c042871bc0980ca75b62b23e23d0f2b03643c4bb459995b1b26f5a238a0a56720ba70fdc02d40cfd2a82d6d7ac3fdd70a9e368b2e8fb4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000144

MD5 2b1cbd4679273eeeca66df170b39e936
SHA1 d7c45222836f98f877a66e7b5fbee330e041c05e
SHA256 26932640108e9ec3aebc0a297a2623bf602e1379177aa29d0e5b10c324ace8b9
SHA512 0cb1440e84d9a729608a86132c835cd0a037eddbd983e1340113f52adb8c0ad7ef08376c718d123c8afb799a5f1d57af3169142e86a71c88818068d28fccf5e2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000147

MD5 7820201f0db0c706a0ea5bb7ce018ef2
SHA1 6d116650afbb3b25bfd6226c7d5ee00dd1fe4515
SHA256 04f262a5cce0399379de17e5635f1e1acaf4371afe981edaaf792625a682c44a
SHA512 bfecb88d8852c413525e1e1bdb3eb69c97a10e4ff67ae3ca5eb97fff5a2ee369a1b80a0d314440a375d0f9e950e0e970a6de6afed09062d8523ca28ac878946f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e99f8b9f3edaf6137b48336700d06517
SHA1 df459058321e4b3e21a403e8432601c9ad0283ff
SHA256 cfde0327738a88e9cc6efd1511b5bed68c3c49a96c93939748708cb26c39be51
SHA512 556df6b93a29e68c1fb562361dd4016a8fab6a4890ea32dffac91dd92fccd1e62816c4ba2b584d7952bf126fccab41cb4b7e6cdf175f88e0d63322243a0f9d68

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000146

MD5 bacf9b57dac78f50bd32901ed94e2afb
SHA1 0ce481f457be11d31e4d9cd9f90361b34f072be6
SHA256 d7f02d336f937440b188a287eb39d0544e16b2a6af6bada16bf469a5b085f7bf
SHA512 109485a740935984040a11a47d87631aaa5fc9e399bdefc3b9f0d2a95aff56e04718be43e080b5fa93b5dd232552ade85abc46b57a37bbe9adbee7dcea1f54f8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8e628e47db83ae00043714ed22564c76
SHA1 e94f4dbf4b047a6b8c368d9c7445379114dc0d24
SHA256 8a1f0952728b09969906752496f601491f85e3cbaceb0dbd328e2ac97c130abb
SHA512 d1df9ef48ba56d7ef0b204c5d6157bf99adf6afa179d866ff9b4fa311b3bf38721fefc221ebc1ce607816b87d975d487a8afce2d927c891f3f7644235ae59b8f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\000001.dbtmp

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000158

MD5 8eff0b8045fd1959e117f85654ae7770
SHA1 227fee13ceb7c410b5c0bb8000258b6643cb6255
SHA256 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
SHA512 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000157

MD5 c594a826934b9505d591d0f7a7df80b7
SHA1 c04b8637e686f71f3fc46a29a86346ba9b04ae18
SHA256 e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610
SHA512 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00014c

MD5 3e4b9936ed0669db3de95f5f42f12eb1
SHA1 c482a5edb6311136a5d18cf7450263b69e10d781
SHA256 0ceba265e944a7febfce4c1fac69d41f928453d03f91d4747ec998235cc940d0
SHA512 f050591e7ac28660edc00c38aae6cc6d7ea91b16cb38d53a6fb0ecc4e63050f62fabfc4022c09df34ef6db5fa23097278cf38f4b05ff90c734e6c7d2b9e5fdb8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_en.softonic.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3751350944ed2f0142636d5698024b30
SHA1 45e574f9a212ca25cb9db11f5850e98f0453ea4d
SHA256 0d42aec511ccb60d595838e4d2e9eee5b4fd7188030f775cde2dbf045cd4c27a
SHA512 1c434f0ad4238bbf04a54f047d1ee43b283b8c8140cc17030191fea6c0e0c9b7fef7ffd1f19f245a166e560e6c783f9c29a1654c7a9be76bf0c61a6bbdd60d4d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000136

MD5 bd17d16b6e95e4eb8911300c70d546f7
SHA1 847036a00e4e390b67f5c22bf7b531179be344d7
SHA256 9f9613a0569536593e3e2f944d220ce9c0f3b5cab393b2785a12d2354227c352
SHA512 f9647d2d7452ce30cf100aeb753e32203a18a1aaef7b45a4bc558397b2a38f63bfcfe174e26300317b7df176155ae4ebaee6bdf0d4289061860eff68236fe1bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00013c

MD5 23d5f558755a9d58eef69b2bfc9a5d99
SHA1 fa43092cb330dff8dc6c572cb8703b92286219f6
SHA256 6e5bec69b1c6424972a7f5481ac57049811f0f196535b707613126c11292c5cf
SHA512 9c56c94d059a27dab9f69c9dfd718382a8eb192b8c0ce91cd6db6ec0769b8756acf9c0956a35561474b87d6278b13fbe88a6e4df6260c278b1ae06e9be55dd6d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00015d

MD5 be1f6aaefa820251c64a81cc8062b64d
SHA1 0dde12114c5b4f29e1ca8372453f97ae2e9c3125
SHA256 eb1619e6a949ef0e8eb0dce4ddcac0d5342ccb5903ea77ad8cef0166149e6643
SHA512 b778bc24ef091d9011e3b7969a2c9eac3a257476d39276347c8eb5b72e40ce4f4e5df20a2f7e82398df710db22930018b43b26f0407dc4d6174a118710be2341

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00013a

MD5 3e13250e7fa3d6d6b9f386b6898ec7ca
SHA1 3799ea3210aa9dd0ef8a267d25b2520f3419de28
SHA256 7f1683eedfcd068d10d58823e5418e1fb1dba352741e551b8d2e1a7fb13187e8
SHA512 15c170c693138493e9ea323408a3f999a05c8f751e78bf388d193e57cc51c88e283c879e0a455aea0ea74702f7d443509fcc7810fab73f0f51396b1cc2c4615b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00013e

MD5 42e84ebcf5470237abd1f9e322b751fe
SHA1 a828a45804554507d9e8521c36109e8bc3d5eca2
SHA256 a9fc7baee3689f0331e46617f60d6e7c3ed631209b7211e7dd09cf20d22a64c1
SHA512 36606d42aee5689819dedf221af3c6c0da06aeb9997b9ce84b42db42ab80a0926352219f1e47f2287dcc850fcc96e4eefd5e487e09e1f1228102eced11271e25

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000149

MD5 2f3ed6625ac1f8186babc69a4e1422a3
SHA1 933289707c7f699cd784833948594e419a529943
SHA256 b5c0ba20f892215ab5f7b352d05961b5038c1578077d0a9b2698c140b17c9b49
SHA512 a533f3cb692d54fed0ab62b8616b6a2b1f0e7c1e22b4cc5d487c3dd2a08affce63fdc90f05ca082202cdf0a9445bb4cd82be799d276836d9e8e25280889c246e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00014b

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00015e

MD5 04383c03a22cba10e4baa0bea6a80dbe
SHA1 8ffc0e5f4ef121a3d4b71c3a98138385eb15d516
SHA256 aa019ada1ac00e4c95c5e13c7152e3a4bff8c0f726844509659227257c7d65a0
SHA512 3274f5e380c1da8fa068c2162e2658898c60cc57298390f98c0b84f6f43a122e7ac33d8b376b533c970755a200df1156c357523bc3a465b521e91fe3522b91b2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000148

MD5 7b55456421267032c75f1bb9c6f924d8
SHA1 e7ee41444e1880082e0241da7bc89627d61746d4
SHA256 9130dace8a6c8c420b4eba0d684286c07129dcc578d32ee7a901250f76a0afd8
SHA512 ba8c12739dca9fc2777bcb81e072658610eda77c776ab9bc4fd90d8e2ab614d281f76df72aea770e764203d74c2382c9b8a0dacc89a0d3896578cfde647171c1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\ea9b8918ad020319_0

MD5 3525086186771b619732f18f2a6f0069
SHA1 e2f3594e17247d678910c2e69df8393782a3a109
SHA256 32428c4d3c1243fd33f0d66ae097b96419890ef7d50b5aad6ffb10e30274f770
SHA512 7fa94db59f3933d52dc4497ccfc8608fbbbe4f50bffb20225c3fc9909f2b74de0a94a0b45fae3de9b1db13bffede6fe2b3305ef011701d4d7bbb2d7ba8b7f70b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f232ef5730e93e6c_0

MD5 2fc100759fa7d9bf9c1ae59be185aa40
SHA1 75a61448d9de6929581986e5413e20b40b5a1864
SHA256 cd61b43baa2daf649d6ac88600caf054d36488ae19830b317ce34c6aa6d00f1d
SHA512 6cbfc0ee98fed6c6518de3b9624a6edad1878e466f09eec95ad90b82ece75b89144be8a1b11bd0ffa2cc0ac57c0c46faf7fdc897a5ad3823bb7183abe384bf0c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c3efdefd531ce54f_0

MD5 678728632b6bc2e8b807e29d3fd56c12
SHA1 40501802865fc23b55c41fc0fcafaaf091b00504
SHA256 2ba6172130df3ab34c5477ec55be0b7243d604d9508b6651b11df91b3f054fd0
SHA512 d76f569fac265d2a406c9533cb851845208156ca88b0b8b4daef0de11f1c9cb4cce7d7e34ef405349a5971e0ec6cecbe46f762f8c534f9ac3926c4cfece5be4c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a1a01d7e7f20b299_0

MD5 e1574825c7c1e6e062fbde9b58904e26
SHA1 2d3c5f8cddf932a5654e01ce0fd8c80f595513df
SHA256 e170331b4380e75928b6cdd1562b266a9d2f4a3c75c8683f8c72fc0e2a528af8
SHA512 6e8e7bc136da5dac5d849a78e0e881572c0b1dde0470462369db5db80aaf9553e0359b4466332d6c5b832032800b72e9428affa27f8c4c75986cd7d4b06bd620

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e71a5d2b3783064e_0

MD5 04e7e288857daf715e68b04e74bc016e
SHA1 fc58013c1752e744e4fcdf5bdad260d4ea95ace6
SHA256 7aba73f6364044da55e676b0f8e6e6035ef7d6c9134a0526d59d5996f639f85d
SHA512 a515fcc882c5f2c9f4e256155a793132e277ee8b4a3f1a69e3c99505e2a49a0c09d7fa143f3a4500a239b92d8b6515f585eaea236a767a137b5fc7fe0a9a6894

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d782f305bb50c377_0

MD5 49b97cfdec83fd59ec24748728fea8f7
SHA1 dd36ed6bda20f96491bb6a7ec79db933f261c1b2
SHA256 36f830e943af6038c323885b3edd43445787ad3f61c3edd3a8e63f4d35155006
SHA512 ef6afddd0ece415eac6c9778d1150aef4e753e78d786259b00a2385d777ecceca374ae7a472be1ade6db3596c3c41b758c6c34749331bda95603f956c9020a76

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4c307b02b4dcc58c_0

MD5 36a8993b9c5fd7c2a9c6001e85e23843
SHA1 1c90a579089f0f9b8e6f3aa2265c44f090c3b4bb
SHA256 93610cf36883fcfe9016dd09f70acc2967f96bd4a20f84c99e1da2f4b8d4d3a2
SHA512 0cbfc3db9eda3ba4b7a33c701147b4192fb72110079445153360703999ef1cbab36410fc87e619bca3e878d6ed2cb326862ec115f0ac67de1d84e4caa4243da3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b2c5c10f2a5fbfad_0

MD5 4a0844b970e0e2cb1b33c4784dd12fd5
SHA1 9910fb5c6a4a4d7288659bcbeb4b3deabdf16cf0
SHA256 ae0ae74c7dd089d1fb45f2f55f68a5b8c76feb463b14ef03e1ef4db145d05f65
SHA512 a460a7987e106937dda71298f06d1eab7ff477a894106449b79663cb9aa6554621ee958382bc8a7296991d9986ba3466382faf0de77aa102b4c478985705b170

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\21425ad001504ad7_0

MD5 5b79371a0486a74303547de34b1a3abc
SHA1 dd03c09202f2b6dcbba312234b30f3b2c5f1a487
SHA256 9eee91086d878ac59158a0cdb057d8bf02d4f8d79edfbcc463269c23d666034c
SHA512 141ba10dfd901248205e75bb20ca9d91d92f558fc7b6828fec22dd92455f532b592a336664a102f172b6024f44433e8ce9d6a0b419fc8730fff8316632de9db2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\336a68eaaf209f48_0

MD5 b3d60740e1408041ef1f42e4c1530258
SHA1 317df13077b04a5c64df63be9aff7f85d8504af0
SHA256 eb04ef73f7975cc4e0030a7f68bf44fb28ddaffb08cabad40e68a92da687c316
SHA512 312d7c3806509da853d0f623dcb3bf9ec7b966e6c969bf824bc794954d6663433e35571d34af840ad026ea56949b7beb38ec254fad21aeab4ea2d814a5f0d01d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 23a50fe776308e7afd11cebb6f09bf6e
SHA1 3dd581ed64f0d03541cee0d38a2ed91291519cd5
SHA256 9d7fdf2f140687afb406e5fb8db2167eeca5f10ec6cf96cce09d9130abbeb321
SHA512 d89e5e5f39af52db38fefb83977d6ff879eefa4b5ce4abcf69baae9a7230b074d84da1d08abf560bf6ddae4b2bf131fac2808f0b449b41e86b70ac0bb26e20d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\80c6b91f1a22ed90_0

MD5 bbd2a31b708128b433ca9b5f2702fa16
SHA1 a4e5f516e2fb2d868cff2ad10bf03d8ef4a6b889
SHA256 83cd568557212b21ffb51026ed0d64822128fe5e103ec623187cd9b6b03592a8
SHA512 af5d4e07b309db4b2021735d5464554a921b6cb49c5fe7210cae2229fb702f154caed955d257d4ec5b1d3da19b444afc7f00f57b49437bdd9327783fdf6d771d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8abddde9ec976250_0

MD5 fc674c97aa723955b7aa3161bc66f99c
SHA1 2cea8baff17f50f55d9f2b3d2a99ea5a7fdac899
SHA256 ddbdde8edf0f1dea43febb375c8d1c1c78b040a7c0254a9ab9e6298edc57b88e
SHA512 cee1232f63d88e69eafbca707c75901c99316320c00931c47054c98ddb8c17821aecc98e161432be71dc0ceb19ad0dd6140edf8bb5563ebdd48fc73e25af933d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\db0f974e8eb0f42c_0

MD5 22fdcbd195823945e2a5665bfd25aad9
SHA1 694ce56635844828734a77aee2e139af3a849c63
SHA256 613980e9f0a02de81181d6417f69262fdb8f7a4055e4dfb311567e61bfa34c83
SHA512 7aeed50c81626d68f683854542a8c43c1feea09eeb6eb2f24dd0d643ffbbfe61cb89b029fce4e730556e8041fd01e867a93360a45b56a76bdf94befae0e290dc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\4006a28d73136ad5_0

MD5 bcbd33d273de787d228e721cbebcd1f8
SHA1 19fe9feb5c4373a100a6a3dfec9a9dabb025833b
SHA256 8b8f36eb567468df67892849df34bacbe56b9c870972b41d8934229b166c90ca
SHA512 47880b6a9a8c4536c1dbbdb71ab5f0555cb783d640b90d75a18b97b4f678c04427ead7137fc15e55a5cf49bc1205a5c7b638598916639d9fdd6bba0339039593

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bb2bfb64435dcf03_0

MD5 e680f730edbd8a487cc62186301084a5
SHA1 553e661da55c8e21e8a6e6b5bf016ac0df9b44c3
SHA256 9f0e5dc8f27ba26886585cf07ba508b5a87c7ccbc27d0567867082e617719520
SHA512 cc521772bf7aba5cd10fe67a7d58d7b771d7616bb85cb3c6ca7c29872bf12b0a2137b7f4a457202d91bc2e1401bbf25dc1dd976b64659e27d415096bb73068b5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f2818fc646e2b572_0

MD5 bb3de28a46cf3fec4c8a361ccfa99510
SHA1 516c31e2807f0d2bdd251e8acef986750f7ac19d
SHA256 61bb441c150a247cc3936239523ea790d478f572d7e2f1a7a2e345ff64a3436f
SHA512 488a3653ddafadd098b322d7b92f5bc6c022041c75a7eda73eaafb637274059d383336fbf47f2aa7e83ae996c0901821b9edd70cf63550af65d6e834603d292b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2aebbcff2b1b2718_0

MD5 2f408075d040874c8bf78f516ab27820
SHA1 4801923edd6bf2bcff39b1ccf1fb14e15c3e9d9b
SHA256 2ebb7ff237974d2bcfcb858817e282097acb187bba322e3c18aa1cc65281135b
SHA512 68238376dbd415080729f992a004642ed3ca41db7898ae4d7f9b1ee7cf2655cb68de03544bf529ac256331d2ab4415397ae28e969ba6f9b47f4247f6986c223d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e201db4afc7e2e56_0

MD5 e8e85de74acaacfd300d62654344112e
SHA1 a73852f571a50422576366e06dea3506970eb922
SHA256 e03c596ecf3bcfadc1466c04fea7b818966d02747b28cf1b0b3599ca055d543e
SHA512 1179d4ffe8e94495a901f3552ea76b4f65ca4469d3c8c68415991f6e5c117f65dd97628514281df6c665046792f29905cdf63fd4b08ae674d82fc30dbc907bef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c251c5c99b1c4a5f_0

MD5 da00b8e1022d493dd1b881fc4882cd0a
SHA1 ad3a5e57c0aa4a1b7a9a9b1815dc679ca9425357
SHA256 830d2ad77abdc918705117e0e8270b4e73b2e274c2c4652781b33252fe980ca2
SHA512 20f3cd554c91c231830006949bcdcfceef899a7386eea471cf55eab709aa45d0f0d1ac572e6450bb6728057714a26cb77021fe7eed0e9e24996d5c8a4091559b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9e04f19de8f5d184_0

MD5 b78d81ad13bf963265aff004eedfc4b3
SHA1 3d12bab249caa9b724c92473a63df30bdd54b8b1
SHA256 4f235028d1f6b1e9d264417e5d9c482ea88cb6387f936785042d2b61ddbe2d96
SHA512 781fa1fc66931c5d5be2cd35acf30e2eb76103a29593f6058a3b2ade29f0f84b90b48dc82baaaa9da3680636b2c473e741108530b77547d24dda1cc418fef5c5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2c41e94699c65922_0

MD5 5c5e7298d01b05b9ef8d3e0199896bba
SHA1 825870e1b842b2ae28f10edf5fad9983863f41f7
SHA256 087370badab53f4ea86c575dff696f174698b9324da2a5887915607098496bb2
SHA512 fed5c6992d38a99a927978da3b1cba1578111917630f938040b227cb158ef006ae2e65fa237b322574bcb1132b1a01ff8c4dd6a20b314c33f99260319677a831

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bc0276656709e65b_0

MD5 812fbd33b9a20634217e48c7c95d28e0
SHA1 8aa99caece8dabb558445beeea3b41896ad2dac3
SHA256 64819dd75c21d781160d23e4bb029bb7bc56fb5f7bd0f9305ce2539a301b6ac1
SHA512 a448b5cb83c0fa8ccbc63ffc8bfc537485278f36af660bf33b1a17b39708cb64d6c9f81e1e1d8c3ef37e67e2235dcc07a0b13fd8a988825711f239deb824b167

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\2bd1dea4bf8fa83b_0

MD5 9008f1b7ef67d4004fc4f8ababd70356
SHA1 4ffc312a51f49da58e8da3da9d3db3d259d9c250
SHA256 56a0d94abb8cec94fb680e352300f2732f3ea18266617a3a62d5e2ef57616acc
SHA512 a8f6e5a901ccbb3beb4d6e1ac374b1c7dd52ffa52d785dde3eeff9da839584c554132960b003f0ff016fd72eb2c6d3a8c0f3a84186c167cf42494a75237f69f6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5f30c233e9e690d9_0

MD5 c215eea17e3d120674c24f1719e00dbd
SHA1 3847a3943fb0ef8e05ad876fb88a66f74b3789ee
SHA256 f5f6c08b24de9a32336cc5fb7980a607f06675e3901af8751959f5e2e478454e
SHA512 5a9d7883dd43f8e14d9ee3ab6f23d54dab10c262ff280196d4e55a92173eaea2cbe15fc001c3afead40a8627adbede42e979d99cd5cd08e1560e01d931b63f6e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b366c7255e5e3c7b_0

MD5 60e5697bceea89c9e77c2958e5d452db
SHA1 866febaa781ceee2f3116b96fd379090364e2b68
SHA256 228a855fa217d6b309ae7225fa88b60eb03833acf2b44df95aad3baae0326a76
SHA512 5f5daad9522b9ce8e928d783303ce862998c4b59b509246bd8f090be0b7e42ed49d48c3ef1a9dc465dff092a2fe69d3492b24e7e2bcfdb34421fdc428a3142f6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1b6b02fb32372a5e_0

MD5 9f250010b6588fe4acb1f114ecbb0cb0
SHA1 42cc0300b01647bbc655e7189e5a4e1fb9802835
SHA256 c498365b0283ce49439e84666b780d5a7ee6eba51b28588b19997ea8c65fb765
SHA512 43f2d73aa047fbbfdf06526d0aac4eae6ac639e18c65737eed2d5c2c5f18f5ed3ca43a800e84ceac551281b3a5ce8b9fb58976b96575aab9807f298088a83e86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\59b367422c029bf7_0

MD5 1199bb552b3b3813524f52bd7fa43c70
SHA1 a219077746e4d8e3084338efb2cb652f6673f813
SHA256 71efa67a0b5defba017b113854e365c9b7c4062deaafa4413bdb3e345b448905
SHA512 4134bcf73e36d35ed289625bd1b403e664a7f2d97360d5f36cb86323fee12baa95e77e5d61c89e7463468d6af1991b3a8e42f055a130654b7bdc3ecae2b5084b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b8fb7f17faf71513_0

MD5 226847bdfe5f5d2c3355d3c47c35a3ed
SHA1 53a061b9cf8e809eef263f9bc83477f35b9e4fe6
SHA256 3b2609dcc450c50f83aab59e08ec3fec8946d265efbb63f717b76e22eb919df0
SHA512 6e7942f106c9f904f148cf39b76816b6c94ad9f441cba64b660359341f433b7ddc8cf63400bb5af6e649b3f2035fd64add1e571c4d1b7b9b6e6ad4eb3d2514d4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b6d7318525efb2a2_0

MD5 6e2b0cf70125521a65a2150e02d8f3d7
SHA1 12233d0814377c1b8bb4f170f752b56c497bc8bc
SHA256 4f7f38ede12e40d6f3fb5fa388e071acd5d519cddeb8c0fd5b1d41a37d3c7c06
SHA512 07c85a1c6893d7e89d521e1735ff9cdc6623a2c10fb6ba12b444394fe1bc9a163dbcdf018169ff8a20414327f3a4f0ed983eb726a62804305cc699346007425e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bd989ca4878722d4_0

MD5 da7b67ee53f159f8f373965f26e069db
SHA1 d119b0b7c01a00531f841ebc99060d837e5b6404
SHA256 36a052f66d110358d5e88a7bf637f87dfe12c04ec31d054a5277b234e697f077
SHA512 65462a127894e4f866d61009a667709e1961e175390759a573b1440ec46df6f69d05dd1babe1938cef1021530a9637750001fced3150f49d40a9cad575391d17

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\34cb1907c38ae3ef_0

MD5 09bbd37132f6c738fa2ea306752f6b93
SHA1 ab6b3f0637dd782833861a2b337e49f361b4d23c
SHA256 f61dbc043978c7eaf9b83f6f829c68bcc1e16212a4896e98e5385cdae2491cf2
SHA512 49d847364e9b8572f6ca49930c6c311d30dd4754915498cb1905a5d51ee6ab7810258c0a977b4ed4f991c64edd7c68359fc43ea03e43653cac2ad27ef8ce4c0a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\00d6e5e182e93c5b_0

MD5 c2e61b953e85f18bd3e7b334b2765cfd
SHA1 fa33cd90eec9a36c6ba4106a6cc9d128d829ae5a
SHA256 3056098a8fe3a8d1bb1a476c2fcd84390df8a3d1278cf04aff1982604fa6a504
SHA512 033257f6b97054db68e223e70af3677864a6c7bcec218da650e637700455b7fe1da504a14e8ab7e0d8fb51aba8ee4727dc7f470bc9288be3e0bdc26855d246e6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f8aaccc3e8ef0ff7_0

MD5 4beb0f80947ac478cc94a74d2dd9b87e
SHA1 a4b6c41adc6cbfe670c908cab322efe9bf017c2a
SHA256 4f98843b4d53c817a4d837f0ac12c8da43a4d36d3cc48aff5d6c3d532b322196
SHA512 ed8f163b151180885ff276489292f930d2be9d8786ebb0632547cf96c3f2fee4e93a1dbe8f52a1c7e559ef86cfea73228914cca74329adae9b870b3b4739731a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7b786ea00bc52ff2_0

MD5 31b8a240bc0c289c1534781429863b9e
SHA1 d4c8f30664df3ac48fdfc20056d555b6dc52068c
SHA256 40ab01309e6c42c46d3ac30585471037577954ce87504d0fd1173a7b465c8411
SHA512 4a1316a2f8e403b255cfd4209207cac5911ade22d72c79e7b4a1275f19db63086030a5c0c1bbcc066e8ac04a6708b4cf2efa4911eba249d30bc04b63e2679c65

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\766a061d3f03a4dc_0

MD5 a6f4574299a158d37f0b8a12ca809a10
SHA1 3ccd2948f2a74cc1bc1d302f8d11e6ecb2ebc8d9
SHA256 409a29c4fab055bfa1c305e1bf4f9a591876e764047f5a4c8f106ca3e1347960
SHA512 7bc191c50346c1a471f4d0df59adc8a43757f080f9777eb9d470b08262a0b7bff27ab47a76bf68978a8140402afb7fea9b6bee10fd57c170dcb79b219d0b2b58

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9b603a7990b98d65_0

MD5 d9101a0b0625e40e850cad347abd1fca
SHA1 5bc5c9b09b43b6275cec87da4841486776f09e06
SHA256 f64763662548543b8cda4eb298a23bc1506ffd81d0790de52691fcdd20beaad3
SHA512 b62dcf8c861894cd7658ece044eb2aa7bb12d69516c1af5a289640318c4bcb349f410b32e51c590541143aa0c6b0cecc86510e372b2eb01bf8391e7c1b20d7c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0e59e95f5daf339b1c9487aede7a436e
SHA1 f81704b5668b431849d51a8132d3bb4b402a613a
SHA256 84bf610bfdff8da557d700ad2b1a17ff9616e71a6977a2d6d4b5f2311f2e34df
SHA512 cf861429ea9a1ba109e89bba1c063a6a6af6b34627c4f253083851dbc99c5706f18ace63b55b153f5ba9c87b41b8fa109f7a01ddda5232e5d5b56a5626328a39

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\bd6b414df7ecb6ef_0

MD5 d6b44ba64e5fddd7b111baa60eb31de0
SHA1 3f33bf886173486974b93da7510a030c09955e02
SHA256 d8cd7d777135532242ed390c0a6a9ab90cecea2e5bc101e00362b74a4db1e370
SHA512 72cd6688c04f75ee9e4085a6a6ecc913593886e4e9e27341de31c2fe83b9c755ed3615a9f37dfef5be126009c699f21c8d2652e2a93da76dd9d2e49007265487

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f76685249435b4a5_0

MD5 10443030f25d26bfce8d081137c5c269
SHA1 1f22d387955b633677dba86ce2a74058b3eefe39
SHA256 7b8642a8c09a5579b8eef59dca3220a14568dec4e602e378eadb83c65add0392
SHA512 d068387257e1b304a0048e38e5bfd74f0e756c385b70257dbbf8b92199c6a731a07ba6563a3d9d4eb25f4d7cb64861e0e484969f096b0f4485a683988500a116

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\24029b20a1b39be0_0

MD5 625e367c69389d99bbd348b58c6e1a92
SHA1 ce2d17277cbfce17c234dbf856ac8bb27a2ceb23
SHA256 854a504aa9dc6110fa6382f4b33e89a93b890a661f0a5842e240990fb8ba5660
SHA512 0a2c545599fc1370b2587118ddd50df1ccea4b2010e950b7ffa17c43f68f082953c7883c67d3a1917f4ba0381f0065c10e4776482bf2439b1a327af5b1835fdc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\713972375509c2a2_0

MD5 89414f5e5c10b7d0d5fdd39c1e8cc2d4
SHA1 cbcb0f4f32504ae780a32b8831cf143a024e706c
SHA256 8aaf011d0516aaab9f94e0b69f7fa7d6a82ad91efefcbbbca17c8a0109f687c9
SHA512 b0bbb936f14819dc274d50a3de358dde0ce0fd632f6964b8df6f70be93ea3f9bfbb0e931cb80d0e8063a37f31a8a6548f6e40ee06384a36017eb6b1b58d8893b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f3fc4a91ede41ae1_0

MD5 788daeb867b3d25a89e38ad3e0a32055
SHA1 d3ea30982f02d2fb5e7659112481952c50264e99
SHA256 3c4cb73d382a7049d517bfd76ef60301faf6de841a5ee840df97b7ed99691130
SHA512 1c2d13132829d361b763e1101653b85760a601748c7301efec95a4f450833842da35812b81a1ee7e87c6194ea862216dc8010bc0222aefd37a942ca10471f4fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00015a

MD5 9c6b5ce6b3452e98573e6409c34dd73c
SHA1 de607fadef62e36945a409a838eb8fc36d819b42
SHA256 cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
SHA512 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a9909b9d83a3d4e9_0

MD5 2f4e71d7401b1bf36d1eeb9fd1d4fa3b
SHA1 10020c58106c5e63c0d745cdf2c312a75c536afd
SHA256 4497d5df4feeb834debaadba27944438159f725b846b158a1e4eef64a29d5158
SHA512 dc403c1db3433a8d825bd4db769820384690b916f16b1f45a3ba1d4db332f15219592b035853ac26144caa3df5eb192cc93e1aaec6e81eb00852f2497859e69d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6abb80179430bd08caa64d8fde2ff1a4
SHA1 4812deddc1e1a7ddf735cfe1d586240604d3ca33
SHA256 3dd5d53d99d3077199f64e4220cd9180a49cbb3e4718e7230e110bcf1a1501a5
SHA512 e94092ddeaefeb8a02cf9d299e26e5431162591a53395393b14a7d917aa2a947835de211a9481093de8f2deffde84acbbe92f638f98f69ca19fc42a42b7e6d67

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c82f5a939200d2c32b318d92d90e1b19
SHA1 8b753068472af2e063025335ac31b7dd7d81933d
SHA256 cd0a6675a8c5f5d7e34e026139f86b29b413dd700334cb0fac0ecbf225fd9348
SHA512 15648951a00567d0b429e5e5d64064360d825f77144cc9f8e0d6e7aa1f677df96b9a5c9e5b536eb5e187978b57d27447e64e347b3b21c17729999696f58b4714

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0429fbbaf39ed9ee_0

MD5 a1cbdd6f96a4fb7e178bae3d2ec20f77
SHA1 15c6cafe67738dc5a54bee004f10cec09cefb644
SHA256 07197f8f7d198fd42bc28e08b883e5cc3c74615af6e730ebfb9040343a7a2f6a
SHA512 33e3aba7994d6b5885c0b7f1b6a43c8e499b1683fee48a0aabae941fb7b65fe00f5c8a3d044f245ad11b510d1396a1f5c7b656c5d44132c1a1783a91102b81e0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\af7a037662053d25_0

MD5 caa53751227b2817572ffbb7611bc812
SHA1 54098ce0bacae51a3535a548d80f1f64bbf24383
SHA256 a929a4a63d8bd76f2e9883d75029f17b53d6bab669b357e3c855c4e2dc072f02
SHA512 69140a28986602f8871447dd009767f87e9c69c73a371e29118aef288038709ddab83342334322b53a0c51dcb8eec7a406cd939edcdd6ea2945674006afe30d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9b36d0f288043d4c_0

MD5 096adcd1b0e0f2b2ad24624169998d32
SHA1 52473e8606278b000979d049aa534bfb7f6c1cab
SHA256 4e01572fb2e41453d969e5a01394599e21e24a5b5dff549b535619d9376470ef
SHA512 6574b1c378ec512cdc26899445a942391d38833b2382baffca1e5f5fd634e20a6445bf042e6be19725f4e4f54e35618a17c3577406d6a179a81a7056e1b77c54

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\10e7f09a1dadfa79_0

MD5 5a13a9c6f5caca39d7a856080e5127b0
SHA1 2db5a9960cae696b0b63a59f565d68d568eead9c
SHA256 ab491cfe07b99cac0d97085c0b577d8a04979956bd648c69c5dfe00895e71723
SHA512 fbac8d22622358c12fe419c1476aeb0d80c297d582e1f1a13083c4a6497ebd5550d5eb92fac3c9ed1494eb99993af963c7ebcbf0bbca4575729aa8fb62deec64

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\85e264f3350e5504_0

MD5 c585d3f40ca7a5f83ed8c347ac584953
SHA1 77b49b2fd88938fffbfc63100f700f6faf028eb5
SHA256 d539766e2480cdef039780aaaec1b3915c646ec3f60d1a8e6c039017997d67ab
SHA512 0f9f7c5c8dfb5cf03a14654bded2f7cbe16affe8c88178f82151d5cf6d0f9544dfb1d14263223e0563a121606634d0e4da344ac11fb9bd68d81c568c6aad7ac8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\563794ae89368f77_0

MD5 f58c9f069bc5514455378fb3082eae88
SHA1 195fceb3b97cfc22daca4733cf7f4d322b8c8803
SHA256 7361fb5715f7ffe0545084b34fe099b8f646ad1aa46d6a3effb9720be09730bd
SHA512 0293b115a28d4545c5f5f5898d3eb2e25d104558945cab55b81fabc710c946cb95932cc24b038d57afeec08ceb082d77ac41de99e5fadb36964cb7089d5cf22d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7f0e07c14c2aff01_0

MD5 2f3e37619e272c0514ec310490acd021
SHA1 f05ea133606795692753dd55d83704f977c0e5ff
SHA256 b32c57d64fa5e6f742fd1178ba811c1dc2894ac92d058242aaba519be14f9158
SHA512 edacbe7233a42babb12ca3cf70fd6e3292eff8e5aef9bcb80cc35667271888a9c524e0a4d9952d3d62bc842ab5b771fb053339367bad896c2ce45a93bc605dd1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\1453e2c97f621961_0

MD5 9edfcfc34cd06743a4ad3cbcf32e59e4
SHA1 9ac08b059b31f27408f380dc7fe6b765654038f9
SHA256 dc4beef18d2b56180894b4fb610288f1024c6ac1cb56c9b272f5a175ff1758e2
SHA512 3a5d871af9ffcd6f2802d38f23ae65b8a2e6aa0f21f0326384a69e5390d994133d00e20d7ec09dfc354762375dbe41ea98eea9a3d72ee4b0662653d88eff5c5a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\45f26ee2a6b0bf6d_0

MD5 60411a6dedfccf11795e020dc1f510bf
SHA1 b39d034b55a83ee5898bf21c499966dc7835aaaf
SHA256 4c7d6e78543258a66a6fa2a1fc068fa3ce30155fdd17ad2d90de9339a441559d
SHA512 a55a09b8e1f2e5765a884574c013b68a3b9c975d64ed17425fc63873442aae30839ee1f9301040fadc1ae5859ce461e1cb651c3b1f4ef34307419ab3cc0791a8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d782f305bb50c377_0

MD5 c8eb46da551bf431b5c51cea72bff77f
SHA1 7e2a25d156c1c5dea33b98c416e2f71acd3e3b5f
SHA256 c533527ec7e1e07bd257465fc2c2d774ad5d34a5b3a9f78c04650b830d5e41e2
SHA512 b7f995b5648a8b62eab4745a791971c18a7651e8f6de20ccdf3cdcb91b314ad6d0d1691543f3852565e968c858e97e2f041248e3c58b19df786732a115a6d2a8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a2d56bcfb0140b21_0

MD5 5556e02d88b9c03dcaa61b7ab6d473fb
SHA1 458617d3387a92e7e48d0eb03ef23d27820b93a4
SHA256 699b087cf65e2a82e51e6361db8fa6405b59a03b9adb083486e9eef40f0e9368
SHA512 7fa24d128222212abbd23b71a13137d5782ffb1413c3d91c2e4df9428258d32dab19976bef616e696a024119379fde547bc05adc5cfa074c5f969ca26c3f5e75

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0d3366f606490f4f92190746f4860534
SHA1 c4699465c32a7b0b215e3fc4516a3e05f03277ac
SHA256 4543b3ede6959297ff6e6ac6b078b948b6144be56afd20370e4fc6e416f6c1d5
SHA512 acbb0f79790a89354f82993756a1557a5d092054454b3dd6c8efbc47fa662e0ffc6fbcaa2d294f57f74703498d9bef9e2dc59a2fa1ac6585b6cccbfff5cc5300

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4fa89aaeae3d9b535db469291545a5d4
SHA1 b61a56c78f34a560e85ddbe036206853984e34df
SHA256 db75c408fe9b8f6db2fa99da83b72dc1aa09a2b10b2baf56a0ce0e0a3e94e78f
SHA512 7a62786d1f21014de4f7faefd25f4673d72232a434cd85a1301ae7bf682420fd87b6a251170e2c51a1ab87817d2c7cfda2c9ab8824a63a64b4f1dadf5f9c3a9e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001cc

MD5 03540bc1e3bddff95b988614dae400cd
SHA1 bc98f54af7cb2f4307196ffb80f7e31d04cf6259
SHA256 8a26cc6f73d46d9b3e8b4ae1f37b7c5d8bed8f2126d9d79b042c6cb275eacb7c
SHA512 74355ed8ed78239011ec5d99f719c422e19bff9626e6cf0181a58fd8b24310bb2aba4f837f671c296e3505a7e47e436e7ec8b03eeb2afe4e8a90f3150e60cb02

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\05cadcd044049aa8_0

MD5 dd419c7535e028fecef733150ae43e6e
SHA1 236d67294a63bf2c6f1acad4d259329213a495d1
SHA256 af010b325b654834c83c958b6ce5f5e63463440919c14f7633f6f7d1e305a133
SHA512 e76a4cc6e3b85921408a0fd1e7ccc9a0e10524a499ec858d90f762b16018cd2e8e372d882123e4372061c113d400b572587dad3216e2d2446432b358c8e54ffc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 fbb52c4dde9905504b64111eda03ba66
SHA1 8c1be01936a7e760b96d2e2c3db1ee7adc647b65
SHA256 d01dd11710334d33f8e7a9030bd97dab2a920e8a2f04bc4d3fff67f13f5c100e
SHA512 b238665f407c614867999caa1db2180ca51fd0e0e28a81837fac4152fe01205573ad3891701c21cfb3142262f43e9ea7bbc37ff22692de56e48a29a7aac0f5c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b8b6fda496518eba9673ec04617a37a2
SHA1 451f6568a8e3692b2025f1ef42aac2defef8eb8c
SHA256 0250b66602b1598aaa6fd50b00e0056fca4cd4c84897e2f19618ce2179f50974
SHA512 08c54567c5467e56b78a2e127ee92e30b5a95f91e84d5ed04463fe76fd6e9f574188cdde8e454a6231393854be7044c5c0204beba6e08daac818535b41bf76f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 73b0dafe29ade5d9c26d083fa832c83a
SHA1 057cd87e3ce4ee96c684d5d559ac1107d9c4f0a3
SHA256 499e8222794eddb5a8f27e115d70ac646a45296dd17f71cb0160421b8e1006df
SHA512 13cb01b89de875e6f6ef1cd752c6d3da639462beeacd1f2ab2397331acd02b733a91ac004a8e2025d265dd70e3788446872d95f4241f23d7fe1ccf7590452e6e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000188

MD5 0c6a4b42f8d70ae2d861d97cc71c7bc1
SHA1 865185fbffba5d7abd259f5d8bdeb3c50df304ce
SHA256 3946df728f5ebd6ed0d9c726e82a7043f89b27a430f84ea30cd3508609e81e19
SHA512 254a9b2c835c484256c81d5d9e0a9558644dcda810a0bf77b2137f30ab5182b7925b763bfe5149503eaafd1db1b83e8598ff0a9ee183a5769c315476323791c7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001b2

MD5 05e9679509b61424a07cc4d4efb7247f
SHA1 db4fcfac1d89c7e4f0bdbea9023034b64a9dbd81
SHA256 31798b2630a882be758010dfa51b12026c8fd81f0e4068b38fd739cac78cba0b
SHA512 1cbe7343e19b41f3f116a93d598d7b67779d29c6bc0a7b086d112dfcc76fee60811290b67b5d2561751700be483f6cd460b9b4c8325397813314ba064e4c2208

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001b5

MD5 99a98310c7c0fa54c92e1bdf5d6cc908
SHA1 58be1a6d6a2cd26f9d91a573f3b74cebfb625082
SHA256 bdef67d2706bb254dc282d7dc89874a0dc2342cd288667ae3b5b6558aa17225f
SHA512 d3f613e6abfa4caacb6c0f86e1759a68055ae22fb98527ce1eb4246865b2e3efa46bc0d18b4302259f6700bbd9e70f5b0c8cb07f660d6775a4fab431df48eb03

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001a3

MD5 de3b70a189d7a62a4a37861cdf96234f
SHA1 d9c7f9040f8ea1a31ee28c1e2ac0d7eac5393b85
SHA256 d87ab395da52e9da0ca473df57c82e1a160d9239b8e0d183dd4b8e1622b3d39d
SHA512 bf2071a059e34beb195508dc69962aa5fab5b4df629d99d244e42ab42af845483c1e078be54ab61b165883d9e522ed3b37e4191b9d528604fae5c0af7cc6047e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 079b33dc69e502fa837c4614faa8b4ac
SHA1 7f2709307003278ca52f890a8e952077bd5f15ec
SHA256 60a2161781f401b6a6ff629e9a5a09f7a424ce4337e3752761879d2df84c449c
SHA512 709336a91ebfa5256509a6e478edc792e2122cad28af4ac8b52f162b95d073f74fc6826cc90325793e67e808db0bf84f12498e05a919616ddffc81a8b79298d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 74176aecfaaf264b9f7f843381452966
SHA1 5738748a8cd8ac55dd3823ad7e69febf83689afa
SHA256 27c541689a2d02872785494fdc691c9347e720fa0763a8262603e2fc28cbc29e
SHA512 4ad82be3ee6d83e0fd31eb63431fac2a4e6fe4ecbeb38b0dc5bfbcddd39b091df97a78cf962a996d8db3930381338893b723b36284d026c9b571d6dfc8847ca9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001b0

MD5 73c902955ca3b471da95fc832d229686
SHA1 9b5c5ab5f958fc963db270c40b5908e5128448c0
SHA256 03a0fe2e76c2e440352b8ba3bb80e750a4df1f5571a4645dc1481aec2fb15975
SHA512 5bd71fbac24389f7e7d30d1c4c6cd0816a619f63aca3cfdc09bac6741eb27984e82edd61fb5c085361c27aa5756e962012c11907480eddd4fabb856879115b1c

C:\Users\Admin\Downloads\Unconfirmed 631367.crdownload

MD5 9f9bbd12ae5894046810e6736ec4d892
SHA1 9e81b764a40ec39f6667c54b8d40da0b97cb5a7f
SHA256 8d48d0a05d581922a4d30ba98cbf51ea981a37c95fad689e0b84b979e312f6a4
SHA512 57d5b59de422394856e15b2d65c1f2a9e85a1b012c954ecad98682a84c7f90ff00be91819c8ae9cd123270e2cf446d69bfb248bde471a29846d57bf401417eaa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001de

MD5 1aca735014a6bb648f468ee476680d5b
SHA1 6d28e3ae6e42784769199948211e3aa0806fa62c
SHA256 e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
SHA512 808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001bd

MD5 6fb26b39d8dcf2f09ef8aebb8a5ffe23
SHA1 578cac24c947a6d24bc05a6aa305756dd70e9ac3
SHA256 774379647c0a6db04a0c2662be757a730c20f13b4c03fe0b12d43c0f09e7a059
SHA512 c40f4771c10add1b20efb81ee3b61fc5ede4701587f29a1c2cdde8b6faabd1c76d769bf8b99aa19082012f95d99ba448a472463fb9056acd2e43542e14e605cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 cd75ee180b67a8acdcc6aece1fb96a7a
SHA1 734b8ee9288895f380385c0ad3a95db2aab35c41
SHA256 3607cfd0500232670301f95514159a2086cce21d99d3d753d7ec2385b90105c5
SHA512 781b7841436705a34dc8db8728fa22b55a8322c1e4e6e5a61afd43e185f69fb2afaded1f97181e4dbafa8a3353b0568f679bfeba20a0219d409365590030950f

C:\Users\Admin\AppData\Local\Temp\Setup\ds.dll

MD5 d9cb0b4a66458d85470ccf9b3575c0e7
SHA1 1572092be5489725cffbabe2f59eba094ee1d8a1
SHA256 6ab3fdc4038a86124e6d698620acba3abf9e854702490e245c840c096ee41d05
SHA512 94937e77da89181903a260eac5120e8db165f2a3493086523bc5abbe87c4a9da39af3ba1874e3407c52df6ffda29e4947062ba6abe9f05b85c42379c4be2e5e6

memory/5652-5297-0x0000000072E50000-0x0000000072E66000-memory.dmp

memory/5652-5290-0x00000000093E0000-0x00000000093F6000-memory.dmp

memory/5652-5302-0x00000000099E0000-0x0000000009F84000-memory.dmp

memory/5652-5306-0x0000000009260000-0x00000000092F2000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f19fb5992433c5e59583e4acdcce77d0
SHA1 7e53ffc3708c2dc21a8b577f0adb5ef990550abb
SHA256 67231c99ade6df166269c2e7fde580d119d501c8c5d26d23dabb2fdf3c9c3e91
SHA512 ebbfe208383650602282fa98da3f5d2426ddbbf17586217349d9c150bd7a71c36bdd4cf43575ebdba9b1cbf566e732420b4ed51416865e48784f14ada1ff4960

memory/5652-5316-0x0000000009690000-0x00000000096D4000-memory.dmp

memory/5652-5317-0x000000000A3B0000-0x000000000A44C000-memory.dmp

memory/5652-5318-0x000000000A450000-0x000000000A4B6000-memory.dmp

memory/5652-5319-0x000000000A9F0000-0x000000000AF1C000-memory.dmp

memory/5652-5320-0x000000000A900000-0x000000000A90A000-memory.dmp

memory/5652-5321-0x000000000B100000-0x000000000B150000-memory.dmp

memory/5652-5322-0x000000000BAF0000-0x000000000BBA2000-memory.dmp

memory/5652-5323-0x000000000BA90000-0x000000000BAAA000-memory.dmp

memory/5652-5324-0x000000000BBF0000-0x000000000BC02000-memory.dmp

memory/5652-5325-0x000000000BC60000-0x000000000BC80000-memory.dmp

memory/5652-5326-0x000000000BCC0000-0x000000000BCF2000-memory.dmp

memory/5652-5327-0x000000000BD70000-0x000000000BDD6000-memory.dmp

memory/5652-5328-0x000000000BD00000-0x000000000BD1E000-memory.dmp

memory/5652-5329-0x000000000BD50000-0x000000000BD6A000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5ee41e48499c948a60e1124afac696b6
SHA1 7ca958a19dbc5936d1fd0f3abd5538621d59d27c
SHA256 bee22acb24711cc18f8c651fc20e123c278fe3481f8efe88c45f636fef10c70e
SHA512 64e5e4dc5dd35e93ac941e1a0a9250ebce34e3039540a7aacc1436162cd41d6cb64203834df3a265b57dc83cecb3431e0b99afbc82b8db2a9c767c6cf616cf3b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9fd67fb8c4342551867c3abc8acb7567
SHA1 aa1ceb2bd25a6dcfea32e9d023f5f8339df3a9a1
SHA256 4adf31493159a411d0d21274db3dc0e8fdce137d169954be1d974492db263cfb
SHA512 efeefbc346923d45ce0e76fb33da9707dc9a05aaadd6609d42084aa4469d182f1187e1f60b050461a2e727ee6774eb6a3fc3dc373d436285f5a17390cf906eb5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001d0

MD5 7a3febf67976a851e338aaf5187aeb6f
SHA1 4f3571b4f32b04ef717155853ace43264bdf63ea
SHA256 b518757ff7c848a66e34f5aaebcda5b6dd7f24360cff2e4a496b9a8b59fd3bf9
SHA512 9d6720e46d83b07ab69720e8bd7f3e173f24d39cbc676c06e5f6173aec8bdd0bf88dfce4ae9f0f07b01e4039a0128cec1556d33a51085464ea13941956f86517

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 67bb93ffd65ca33dfb1605cb2d2f54b3
SHA1 04b788049cfe0eb33dfbd8c519e7c7734c79a0fd
SHA256 b0ba1c51088c84a966af3c244fc231325054deb843b4ea9999e90d976c01fafb
SHA512 91a05c391c1d955292139a3e138c60e1d161f87c10869d3d2c6e3cfe5f42fcf5b230fcb77e4f5d157ea25794081601710b7b73d3becb0c9e17fa36576fe9a82d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 71df7beff9e98b77b7fba3d2b6f0833e
SHA1 c3091e9a5360d6940da60a3cb0204ec1177a275f
SHA256 73756b47ff8e4e7e1c51da9e3ca11d625a81d35d4409e831789b079e87fb580f
SHA512 e5a421579e137f38eb088858935174d342987b2c67183dc4b711ae4fef35772f3ba80e13ffd13a63d5c61350fe4ef9878492b0c0cd290eac2edc049269d1d906

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 354af5c71eeed8829864b20739405c79
SHA1 8a663972a8a4b6c4e6ca92b60fea8ddaacb65c35
SHA256 232ef6197c36daaf214c1312687ad4a440411fec8fa02ea78fa87763ec66a52b
SHA512 cb143c9a6c7ca5f48e7eff59a78f39a3ab59fd1008e7ee357464cc8563531b5c726cd1f6630d324ee587a11a6a2b8f70e4bef19d41646ae7376770b548afb09e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 914e5c9054e97f373320aa78edee718f
SHA1 a7570c5b691e2a7dcd9f7077e45611bfb100441e
SHA256 3c229f9d897e741db8a575c32861512a8f81e1f32db6bd64b8c3442e87a26e26
SHA512 75c6534ad2208b06262394c61af598e0f9bf69046c40392c85346bf99e603195a40fbc98acdbe639205e1d7f36347e992f8436d2044573f6020b7ca928588e81

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\9f16ae3a-6171-417f-906a-fd8fc14f67ca.tmp

MD5 b28ecc0ee1d8aa1507dbb8bed7375243
SHA1 8cf99047022a2293f7b464e0faffed7ae1496baa
SHA256 6e827e1cf42dc9ee3359777a15e4586da2d50c69468131d8d251da6ed2d98021
SHA512 aa6b859b86abc1a537c39d0b547590aa8369fb0f80463a60efec9da2170a1b4f202fc4312872bd4be64844e43132fc344065a90861a1680ad7343dd6b8abd781

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 cd7a978c4e90912507e272a3e22ffaf3
SHA1 3342d42695beab8c5a22b2d309015f9bb104411b
SHA256 8ad6ff7b2a6e6610cf4dcab3b1fdf3a1079fa4570eb5a602b20682d07d6b74fc
SHA512 dbe100c38fbe6f19bfcd856b06ac33c9e8570669f011a5c63037b054e932f64547e4233e976d955f109ebc833643714d3cba62de3c64ef5b951222a9f07c7990

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f7

MD5 b07f576446fc2d6b9923828d656cadff
SHA1 35b2a39b66c3de60e7ec273bdf5e71a7c1f4b103
SHA256 d261915939a3b9c6e9b877d3a71a3783ed5504d3492ef3f64e0cb508fee59496
SHA512 7358cbb9ddd472a97240bd43e9cc4f659ff0f24bf7c2b39c608f8d4832da001a95e21764160c8c66efd107c55ff1666a48ecc1ad4a0d72f995c0301325e1b1df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f6

MD5 d9b427d32109a7367b92e57dae471874
SHA1 ce04c8aeb6d89d0961f65b28a6f4a03381fc9c39
SHA256 9b02f8fe6810cacb76fbbcefdb708f590e22b1014dcae2732b43896a7ac060f3
SHA512 dcabc4223745b69039ea6a634b2c5922f0a603e5eeb339f42160adc41c33b74911bb5a3daa169cd01c197aeaca09c5e4a34e759b64f552d15f7a45816105fb07

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000fa

MD5 c3bd38af3c74a1efb0a240bf69a7c700
SHA1 7e4b80264179518c362bef5aa3d3a0eab00edccd
SHA256 1151160e75f88cbc8fe3ada9125cc2822abc1386c0eab7a1d5465cfd004522c8
SHA512 41a2852c8a38700cf4b38697f3a6cde3216c50b7ed23d80e16dea7f5700e074f08a52a10ba48d17111bb164c0a613732548fe65648658b52db882cacb87b9e8e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a72dcbf2605cc4ec7c599e38bf84f1b4
SHA1 e51c7c829a95f6864b713733d8015f404780b578
SHA256 fe5e8d610254c057331d1b018c317726b806019f989aa3fceabcc972b4cd082e
SHA512 678fd2e9625d8cfcad4eae2a1552b2336d78a3662f129ea1d507871681ca1e6ec81df0404532f7b91eb34395f23632c0961086e60d56c455f458ce631dec489b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9c21a3a092f2cd837942931d46a9ee68
SHA1 452c6178ccc3155cd8d101d909f1a960fd7f7efb
SHA256 81e44c9ce0becb6a73af462e4437cc7c46a473ed98555b41ed40e35206759680
SHA512 7b67cc29efd1f70e7cc31e5285e4019d7e663da8c39f4ce11b6cfc1184d7e3ee0804e77a84e45e8cca84a99ff3da8868318923707fd28f3fce02f18270460d10

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00021b

MD5 b7acbc2406a7f663f4fbe535b112d734
SHA1 602ffdcae76ca3911638870f244d16ee4522a11c
SHA256 5d3df9af4acbf8773676af0ea887e966bb0f8dcccc6f4f9040d9b6884d3ba51f
SHA512 6b20ee9771a2b9234bcb4ced194b1fe58fae7ae75a3815b740b0b72a9b2a58be77b1ed20b919ea8a9675eb8f708a1b4df37ed8c013549bb85e44118f1362350e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000225

MD5 4fa70d88bd3df8dbd053912570574946
SHA1 b48d1b9f5e96e3dca6fca1a01defc2ee896567cc
SHA256 8bd98ab06ce741c3bd2b33db83d8218e01cc183b6c2fe287b1b7decdeae68569
SHA512 56ddfb23fca1159e89ff2bdceea59cc2237d1c661560e110e42e7d2fc55ce41e7916d1ffc613b2a156018659b57ee9da25905d3a17058efa27d7bac7ee77b40a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000234

MD5 9043f5ea5cd16b55c3d675ab0dee9f59
SHA1 a462e678256eada1dc839d1e0f3d6b20cfcf21fd
SHA256 dc70596333395bc452e7e1fda6ec05e515f06d666eee97e7b2bed83e3b0c332f
SHA512 38fc9318b130b48b9465ee4eb393c16c5f18bc84089cded7e5e09a1ca984a9b26813ec8130910d6c2d5b649b87e385376e2c0934078f9dd9f8e278219c021cae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000237

MD5 49295de6ccd23cf80b6418a2d209868f
SHA1 42a955b4560bb22cb9b5b39577f7a691ea345018
SHA256 d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa
SHA512 2954ab185fd84a08933bb6e79d91e301021fce4e632b477e765c172cacf72913561e101ed2f7e66bfbdc5946b35f2b63eb2b6f878e0afc9d26ffe71ee112a1c0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 10a590aaede03394b9709be5ad588fe4
SHA1 459fe8b3bec98333e6d72faad200b8519dd7a33d
SHA256 72ac55f452bc33acb8c1185117f38e4916aadf8044dd0c26b67704abdc7cfc04
SHA512 c51a4a4e46ce6c194a708a4db589e9fa2b6ee699ca7a5e72420847db13ce8f9aa07d91b71a78acffd6f0e2d2a94602c2096047037435479d8fda2eed681af5d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6bcc477051ffd595bc66f10897b7a9d5
SHA1 30ce670b90b21f465ba67f7641f5cedc9dd70067
SHA256 736d3de8746bb39e20fae8710348a393cf9a611b8e1b89687ea63fa7385fbaf7
SHA512 e1440f3c4b9c9271444dbb8d785089620a5a24e871630de470b3c03815ff83c24c27c2528ac9b1bbd3092e6c77e67d9f5c2aecc7cf4a6e7c9a822bff7acd3901

C:\Users\Admin\AppData\Local\Temp\LDPlayer_files\installer.exe

MD5 6c847932d63660b0e0ad0b0a4b9780d2
SHA1 17139565a23b4a6cf1891296c8d1607ec7653a94
SHA256 ed60db47b383ab1f4f50b8542d22ce992c31f450ce9d33b946a84e0ebfd3cde4
SHA512 f8bb7521fb8f24dd12ef7e59731bb5e68cac0d75ad547216d97b6069e0ad48dc9a25c7917f760841df1604fbe43335ba039c299c3e2199eb6b1f8b53c4fd6b75

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 459669505e710300a290672ee544ef44
SHA1 6b756b43736eba4bb0c4eda3ed32b1be3870d83c
SHA256 d561e4d4cd46e42ad23ce9deab2c6665898767cf747711598357cc053a108f48
SHA512 bbc5f17a081bef2d76f2e2ede0c796f62b6d905720c5ec1b87a9cb9fe01e899e67f80bbbda36780981e629ee1f98d36e42c9fcb69adfd405a9f38f7aaafcaa62

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe606778.TMP

MD5 205935036e90adf4123d12feafe89a06
SHA1 8d6689d181ea9a8026d050bb38a449d3a60380b0
SHA256 48f14686307906ff56061882a1f8c845d603b2e60935f371e8d1bd60428aea37
SHA512 68f71e4b0e98fc88e0406df475d3e00223e5dd24add94deeeda2bd5604032be23d4ec3ef900dfddd999682f40cdfee1918c361b3f20839feb7130e6be7416d2c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0099a4525e198f9caea8f9798d9ef042
SHA1 e191f7c7ca646f9e2c35c9c31fa4d273bea1e95c
SHA256 e6f8b13ba61635af185a72abcfd720ef386b4b73543c39d1d25dd4c5490b38ba
SHA512 3d6b17d24ec18f74cd1cf66909c9a59ea298c027ad0ec4c1129fccaee1d9fa8150c3dd16b6b5eadd704c5334c6dbd47bfc2ead73616d20c6619f4855f3e1e0f6

C:\ProgramData\McAfee\WebAdvisor\TaskManager.dll\log_00200057003F001D0006.txt

MD5 7a9eefe17669358f84491c36ae2243d0
SHA1 e753771d7f25c1b1723355f38ae263e27c1f519a
SHA256 aa851e31b0c8e209c4d15df7fec62eee4b22fe8024cd59a97fe6aa3b4dbf622b
SHA512 02fff65393be10645bf2b07fcb766f7e2bffe65c3b780474c60ba8f9258b1c18b17057d954a5f8104d3e8a88d8cc635512d4525da271827db130707b5f2ff06c

C:\ProgramData\McAfee\WebAdvisor\TaskManager.dll\log_00200057003F001D0006.txt

MD5 0356d275d96fc5478fc9ffe1e30d8704
SHA1 0f4902f8e68369d98488340468e21343a0628c10
SHA256 ca047dc9469a5a60fb4c4646f4d39d21d096c8f06be5923a1692dd28c5cf4f5a
SHA512 1310d7c85129947b33263c863bfef44e0b9a533180ce3fb6056627a6444215549fcb324f48e7face0771f93556ced5e58117cdf42d444fd09161a62f621077e9

C:\ProgramData\McAfee\WebAdvisor\LogicModule.dll\log_00200057003F001D0006.txt

MD5 e04043690756414aabfaf55e7c3694f9
SHA1 94f0f61ea22634dedb6f2aeba038e9ab31dab687
SHA256 275ccb15debb543ccc1988107d8bdaec8142eec6df2ea8a73ff83c478f201c3d
SHA512 c0ad65a198ee9fe021cb1db31f89d94624451649b0090f8ebd07ae832229a3edcb21080e0679ec8f4eef2db5945c5a450c4720d3232a296a2844137d7475352c

C:\Program Files\McAfee\WebAdvisor\Analytics\dataConfig.cab

MD5 bd4e67c9b81a9b805890c6e8537b9118
SHA1 f471d69f9f5fbfb23ff7d3c38b5c5d5e5c5acf27
SHA256 916f5e284237a9604115709a6274d54cb924b912b365c84322171872502d4bf8
SHA512 92e1d4a8a93f0bf68fc17288cd1547b2bb9131b8378fbd1ed67a54963a8974717f772e722477417f4eb6c6bb0b3dfba4e7847b20655c3d451cba04f6134c3ab5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f635ede50e3d9379ac4591d243b035f2
SHA1 8b41f750bb07c2a066c31f607bb87fd668c181ed
SHA256 5f9eb57d18bc4f79614e4fa1ecc28eef9c9aa7ab031019a05c89b7d01e30a5b7
SHA512 264bb22a200274dc63daff0f3da803144d0859829ea41a275b2899d45e2ac0e755862c59416a117705f3d0883563fd81c6b0bc5a26a92072f40ef37cfd76910f

C:\ProgramData\McAfee\WebAdvisor\WATaskManager.dll\log_00200057003F001D0006.txt

MD5 64c2d4ae1aff51775dd07b1e9a37ca68
SHA1 b817be32fcafc493a81355743ace75762a445d15
SHA256 1020b6fe220083c94fcc6897b70fe82cf7f86e04c3e2294a39309d48a679bc0a
SHA512 372e4487f1c69811252ddc9cddc90e0ed2f13f8eed71f241e614f951ae21e92a4f3f4c03111a778509fa1e0e16c5aec998a71dc7147a2832fc30cde19365dd6a

C:\ProgramData\McAfee\WebAdvisor\UIManager.dll\log_00200057003F001D0006.txt

MD5 92a0236f343f6a71ffc846fa3a57630e
SHA1 76629c640edae04435255b08403536bcfa66f871
SHA256 f1c3fc218baa4661a32a592badeb2d6db30074bc1c8320e5aa6bf58ca20d1e4c
SHA512 b071fb77903fa4fb8ad6835f886f91faed9a176d06ddf82dbbc3980e8309ccc8cd496ebf7601c98b910dec66510df2e4610e518daf0357f7f4012e37d4e83271

C:\ProgramData\McAfee\WebAdvisor\LogicModule.dll\log_00200057003F001D0006.txt

MD5 2d60403ad752ca465adcf16c0d0b3899
SHA1 20a2cd1051ccaf0b859377909a4b3379edeb7ca7
SHA256 5a1c7822290da70dd3d768c1a94a0f76c9f2e77c0ae2692cc49aec0bf46beb25
SHA512 636dbf141f6140d447b7936dcfefa7bf3d92c89787828a61bc8cd7f4bb9a58c5eed48c86c827adcce7ea57aa9e3d0f1b3340f5339ce0ae9ff6fc7a7d9668900f

C:\ProgramData\McAfee\WebAdvisor\UIManager.dll\log_00200057003F001D0006.txt

MD5 4f67d49175170118b9838d2195583d2c
SHA1 da56651337025780592f2628c2dc11da32bf1436
SHA256 3a54dd63cd5f3c9649948e11311537f244500039a93350712b32843579cad269
SHA512 b490fc426560d73a4078fb35190780ac5eff33af44a7c8feed8c74a579137e0157be177635d5dc8fdd53c36504533ea38f84b4a5adf9b4ba28e4d0b67ffd586e

C:\ProgramData\McAfee\WebAdvisor\WATaskManager.dll\log_00200057003F001D0006.txt

MD5 4016df5651b16096f3894ceb556cfe48
SHA1 bea3b79642c0e2e078526551589bae4429408954
SHA256 037146b9dd84fb704c2c96f3ee68d3f2f8ddbf11d3f518ea8797bec2916c3f10
SHA512 97af2c41a91fb3ad9ad87830a9654b2b9eae7189a04ebefe71499d9535330e6cf6362202bb49c044d8cb11cb5a12fd475927adaf37ac01830b8e98372a13c98f

C:\Windows\Logs\DISM\dism.log

MD5 a34fa8fb4bc431185c8410e93fba6281
SHA1 2e677f040364c72e67b6ad7ad3fdc5129d9b2d0b
SHA256 5d4c6dbc1de3fcf7c685c8d1ef5ee0b656678933f2f16c90b7c4370272e5f5c7
SHA512 a52c778802960492d45e8b4840d543b2dec2091ca1acb0d2ce97018dc298a456c39e505d0e0de03838c1f52ea158f64e1c807e46807e97b0d70666246e2c1743

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2be2d492316db9d66ef4907a3f0fccdc
SHA1 3c3631cbba047b9a146993f624f09e8130001e0b
SHA256 451beba14992bd78853536bea0c2f5d8154eb7fdc61eb907dc8ade01ba5989ab
SHA512 c80fb39c41418872b43f793d48c8174f891b8a31ea9c8943203bb4581091b2c53c391ea6556b26dc8ca4c24da9599703a24e880f98bed059556ce66f2a702fc1

memory/8736-9116-0x0000000000BD0000-0x0000000000C06000-memory.dmp

memory/8736-9119-0x0000000004DB0000-0x00000000053D8000-memory.dmp

memory/8736-9120-0x0000000004B00000-0x0000000004B22000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_tpkt2oyy.zcb.ps1

MD5 d17fe0a3f47be24a6453e9ef58c94641
SHA1 6ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA256 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA512 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

memory/8736-9132-0x00000000054C0000-0x0000000005814000-memory.dmp

memory/8736-9136-0x0000000005AD0000-0x0000000005AEE000-memory.dmp

memory/8736-9137-0x0000000005B00000-0x0000000005B4C000-memory.dmp

memory/8736-9150-0x000000006DF40000-0x000000006DF8C000-memory.dmp

memory/8736-9160-0x0000000006CA0000-0x0000000006CBE000-memory.dmp

memory/8736-9149-0x0000000006A60000-0x0000000006A92000-memory.dmp

memory/8736-9161-0x0000000006CD0000-0x0000000006D73000-memory.dmp

memory/8736-9162-0x0000000007440000-0x0000000007ABA000-memory.dmp

memory/8736-9163-0x0000000006E70000-0x0000000006E7A000-memory.dmp

memory/8736-9164-0x0000000007080000-0x0000000007116000-memory.dmp

memory/8736-9165-0x0000000007000000-0x0000000007011000-memory.dmp

memory/8736-9170-0x0000000007040000-0x000000000704E000-memory.dmp

memory/8736-9171-0x0000000007120000-0x000000000713A000-memory.dmp

C:\ProgramData\McAfee\WebAdvisor\WATaskManager.dll\log_00200057003F001D0006.txt

MD5 da29e21cd45803c57d8b866b8fb9a04a
SHA1 b955cefca9488401d050ba2364b2c0affc7acdf4
SHA256 067cb9eede38e740f55a23e40472ee47efd36bb23c66f2fd1ef45ad0ee5beeb8
SHA512 cd6dc38152ae9a3ffbd0acc48bb41321785efc4a4559ef6dd41961587ee2a0545273e5c451b557b97704994216800dbcb83144b4597566f24bb5a1505ed86775

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 fab8cc83dd2430f20f80e65f000dae94
SHA1 6942095a412d3d6836ca0a66473d1721ca2c4e5d
SHA256 08d9b712c0cc15ea9693ab9524bbb7341b7dd544174d0de1e48c955de49dd02e
SHA512 3370c0304d42340144fc41443d96dfde5b07df8737db90612162377053ee5164ae0283b946feaeb4fa44e8a22e08639c78be52440f4fbc802e543414e454d23c

C:\ProgramData\McAfee\WebAdvisor\updater.exe\log_00200057003F001D0006.txt

MD5 8a8241b33fc69c730e3919385cf63aa6
SHA1 b9d1fc91e6678f867b23f3357959e8150738317e
SHA256 0904225d951183a529908a681de786175769b638d09d9be78eed15ff5acf1ba2
SHA512 659ba1575dad4ef4042af0a2ddee3d7fc05c86234eb34eada1e10dd37a571298322b17e4d15c15be357336eb8fad95e0b4053dba62bb11eb778184a88788911f

memory/6660-9237-0x0000000005660000-0x00000000059B4000-memory.dmp

memory/6660-9255-0x000000006DF40000-0x000000006DF8C000-memory.dmp

memory/7884-9307-0x000000006DF40000-0x000000006DF8C000-memory.dmp

F:\LDPlayer\LDPlayer9\ldmutiplayer\cximagecrt.dll

MD5 66df6f7b7a98ff750aade522c22d239a
SHA1 f69464fe18ed03de597bb46482ae899f43c94617
SHA256 91e3035a01437b54adda33d424060c57320504e7e6a0c85db2654815ba29c71f
SHA512 48d4513e09edd7f270614258b2750d5e98f0dbce671ba41a524994e96ed3df657fce67545153ca32d2bf7efcb35371cae12c4264df9053e4eb5e6b28014ed20e

F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr110.dll

MD5 4ba25d2cbe1587a841dcfb8c8c4a6ea6
SHA1 52693d4b5e0b55a929099b680348c3932f2c3c62
SHA256 b30160e759115e24425b9bcdf606ef6ebce4657487525ede7f1ac40b90ff7e49
SHA512 82e86ec67a5c6cddf2230872f66560f4b0c3e4c1bb672507bbb8446a8d6f62512cbd0475fe23b619db3a67bb870f4f742761cf1f87d50db7f14076f54006f6c6

F:\LDPlayer\LDPlayer9\ldmutiplayer\ssleay32.dll

MD5 0054560df6c69d2067689433172088ef
SHA1 a30042b77ebd7c704be0e986349030bcdb82857d
SHA256 72553b45a5a7d2b4be026d59ceb3efb389c686636c6da926ffb0ca653494e750
SHA512 418190401b83de32a8ce752f399b00c091afad5e3b21357a53c134cce3b4199e660572ee71e18b5c2f364d3b2509b5365d7b569d6d9da5c79ae78c572c1d0ba0

F:\LDPlayer\LDPlayer9\fonts\Roboto-Regular.otf

MD5 4acd5f0e312730f1d8b8805f3699c184
SHA1 67c957e102bf2b2a86c5708257bc32f91c006739
SHA256 72336333d602f1c3506e642e0d0393926c0ec91225bf2e4d216fcebd82bb6cb5
SHA512 9982c1c53cee1b44fd0c3df6806b8cbf6b441d3ed97aeb466dba568adce1144373ce7833d8f44ac3fa58d01d8cdb7e8621b4bb125c4d02092c355444651a4837

F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcr120.dll

MD5 50097ec217ce0ebb9b4caa09cd2cd73a
SHA1 8cd3018c4170072464fbcd7cba563df1fc2b884c
SHA256 2a2ff2c61977079205c503e0bcfb96bf7aa4d5c9a0d1b1b62d3a49a9aa988112
SHA512 ac2d02e9bfc2be4c3cb1c2fff41a2dafcb7ce1123998bbf3eb5b4dc6410c308f506451de9564f7f28eb684d8119fb6afe459ab87237df7956f4256892bbab058

F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp120.dll

MD5 50260b0f19aaa7e37c4082fecef8ff41
SHA1 ce672489b29baa7119881497ed5044b21ad8fe30
SHA256 891603d569fc6f1afed7c7d935b0a3c7363c35a0eb4a76c9e57ef083955bc2c9
SHA512 6f99d39bfe9d4126417ff65571c78c279d75fc9547ee767a594620c0c6f45f4bb42fd0c5173d9bc91a68a0636205a637d5d1c7847bd5f8ce57e120d210b0c57d

F:\LDPlayer\LDPlayer9\ldmutiplayer\msvcp110.dll

MD5 3e29914113ec4b968ba5eb1f6d194a0a
SHA1 557b67e372e85eb39989cb53cffd3ef1adabb9fe
SHA256 c8d5572ca8d7624871188f0acabc3ae60d4c5a4f6782d952b9038de3bc28b39a
SHA512 75078c9eaa5a7ae39408e5db1ce7dbce5a3180d1c644bcb5e481b0810b07cb7d001d68d1b4f462cd5355e98951716f041ef570fcc866d289a68ea19b3f500c43

F:\LDPlayer\LDPlayer9\ldmutiplayer\libssl-1_1.dll

MD5 e8fd6da54f056363b284608c3f6a832e
SHA1 32e88b82fd398568517ab03b33e9765b59c4946d
SHA256 b681fd3c3b3f2d59f6a14be31e761d5929e104be06aa77c883ada9675ca6e9fd
SHA512 4f997deebf308de29a044e4ff2e8540235a41ea319268aa202e41a2be738b8d50f990ecc68f4a737a374f6d5f39ce8855edf0e2bb30ce274f75388e3ddd8c10b

F:\LDPlayer\LDPlayer9\ldmutiplayer\libssh2.dll

MD5 52c43baddd43be63fbfb398722f3b01d
SHA1 be1b1064fdda4dde4b72ef523b8e02c050ccd820
SHA256 8c91023203f3d360c0629ffd20c950061566fb6c780c83eaa52fb26abb6be86f
SHA512 04cc3d8e31bd7444068468dd32ffcc9092881ca4aaea7c92292e5f1b541f877bdec964774562cb7a531c3386220d88b005660a2b5a82957e28350a381bea1b28

F:\LDPlayer\LDPlayer9\ldmutiplayer\libeay32.dll

MD5 ba46e6e1c5861617b4d97de00149b905
SHA1 4affc8aab49c7dc3ceeca81391c4f737d7672b32
SHA256 2eac0a690be435dd72b7a269ee761340099bf444edb4f447fa0030023cbf8e1e
SHA512 bf892b86477d63287f42385c0a944eee6354c7ae557b039516bf8932c7140ca8811b7ae7ac111805773495cf6854586e8a0e75e14dbb24eba56e4683029767b6

F:\LDPlayer\LDPlayer9\ldmutiplayer\libcurl.dll

MD5 2d40f6c6a4f88c8c2685ee25b53ec00d
SHA1 faf96bac1e7665aa07029d8f94e1ac84014a863b
SHA256 1d7037da4222de3d7ca0af6a54b2942d58589c264333ef814cb131d703b5c334
SHA512 4e6d0dc0dc3fb7e57c6d7843074ee7c89c777e9005893e089939eb765d9b6fb12f0e774dc1814f6a34e75d1775e19e62782465731fd5605182e7984d798ba779

F:\LDPlayer\LDPlayer9\ldmutiplayer\libcrypto-1_1.dll

MD5 01c4246df55a5fff93d086bb56110d2b
SHA1 e2939375c4dd7b478913328b88eaa3c91913cfdc
SHA256 c9501469ad2a2745509ab2d0db8b846f2bfb4ec019b98589d311a4bd7ac89889
SHA512 39524d5b8fc7c9d0602bc6733776237522dcca5f51cc6ceebd5a5d2c4cbda904042cee2f611a9c9477cc7e08e8eadd8915bf41c7c78e097b5e50786143e98196

F:\LDPlayer\LDPlayer9\ldmutiplayer\7za.exe

MD5 ad9d7cbdb4b19fb65960d69126e3ff68
SHA1 dcdc0e609a4e9d5ff9d96918c30cb79c6602cb3d
SHA256 a6c324f2925b3b3dbd2ad989e8d09c33ecc150496321ae5a1722ab097708f326
SHA512 f0196bee7ad8005a36eea86e31429d2c78e96d57b53ff4a64b3e529a54670fa042322a3c3a21557c96b0b3134bf81f238a9e35124b2d0ce80c61ed548a9791e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6ea361c85ef1ca373c59173edde6b19d
SHA1 4dc1df48cbb64737f83dd96b4e76c736f035b9b0
SHA256 f784ce7046ea22973ab5a74223b681f79cb7a5d32af344119763a4f21d461533
SHA512 ecf21a84730cc1bba494bc6d5116429f9b90b73f850bb1ad9cdc40affc04128ad06ab14d57caefdadd2974bdc7505c2457591bedd10d42955625b764f7e3f4f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00028b

MD5 89a574ff00e6b0ec61d995d059ce6e65
SHA1 aea09e96808ab77165ffa712eaa58b8f056d0bb6
SHA256 e5c29c139842fd487473d0824f2c01b374680fb35d22fa929686d17896602a44
SHA512 30d0d40bd680e61968273155b740901cdfa66670fc2af6f23e44c6b998b67cc1fcd0b51bd5f9470f209f188e75d071355e592b2a7c97f4bfd15d07d455e0909d

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 7ac59054b241ad5c17f8fb8b80d50086
SHA1 283e7a250758f538fe6355c828f09aa7caec9b72
SHA256 0c9b3b2a8d1e1428b16f81b932d209ddfff4ab33cae155f87910304c0d22691c
SHA512 ea98f846da70240ff97b3cd5e40ab907520c07184ebcaaccbc084153776ae5d20c61b384d4c298da90ba5c2729ff1671307fba787e0a4af3c5c36596108e259a

C:\ProgramData\McAfee\WebAdvisor\ServiceHost.exe\log_00200057003F001D0006.txt

MD5 0d8dbf73ac5a36682891a92c71a626a5
SHA1 d2f5baf8c2c2ee3f2065611f81618d694920b2c9
SHA256 8e309eeb8386c4b975a21a6fb29cc729a61387f9f7d06780c79878df67c84ef6
SHA512 07abe664d517942ad2474c85d014069da0af7ada2e1dfcd86708ac21d80816fed8cd55af8bdd54fac72a8fb5ed936996d195371013556640e1c30b7e2f9bc085

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c080c190c834465cdb0851e0563337f8
SHA1 0552770da2ca3d7bb6b5d98a4b521393be4c960f
SHA256 733793efd691ded9662dd7e89f0eadc5e888b6517472f25903588a6b20b7511a
SHA512 877fd4f592ce29262b143c1057ee31c1b2823fe00a4b722b921892ea87853ff3cbd1bd182b52f7309cf2a1d633ddb52a9514f1bb300c5b31235e239544ab5c3a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000174

MD5 102f3fc0db81fee977f44ba154a40cca
SHA1 31f22d13bf2222a79d9af800342e885ced655f9c
SHA256 cb7ada22ee6e0310a9e3139eaa560a2f5359b32e6f56c9c1842c8703d582ac39
SHA512 e69471118fa69ec3e66ef1dbaf188d8cea45bd7884a3c7ebc747ea098e89c32a8907fa357eae77329299af2769c3f860b2fd975dc68cdd31f09df26299428e95

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00017d

MD5 901214255fb83cbe97fc56d1c39b7bce
SHA1 71c89d42c868ae4c8f1e30a27429a34cc747e822
SHA256 449f7715b76f0352a3f60e45b0c3dc8ba44423460da2105606ac4f324db31d63
SHA512 16f10da0e5b956259a9e23ca98d3a346e4450ce52cd5329c94f62435e31309c1009d1bc385ca77ac3943150f34531ebc957eb73403eb391c81aabe3e399e92a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d77a6c7d74713132862baa7e55b56129
SHA1 65f5a3af4a0118d3ddece73fa7363b04666ba4d7
SHA256 db420bfc1a69c2d042aae05127bbf319a8c15c62a2624b2d613d367568c6654e
SHA512 ac66c20ab4d873531090bfa14df00d755cf976907ca999ab192c0b886f7c76a2b5d57fe5cd938ef10a6aad989dbddddaf47f2d99ebd151da787f1968b5635cc6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2e4042ac700610d5f05c776f439b26c7
SHA1 e9bbbf2cd12658e0686f7fa1c2f2db4d83759bab
SHA256 409a25f13fe29274669931d9c9070f55c4464a1f11bebba8c6e4146cdb0814ec
SHA512 3356176729efc4d19a2d611e14472456ecfa8545842f08c382232c1970b96275686a2426455ccd3791bf9781a47d7d1211c94d9e763747edd9e243e8cbbaf02b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a46202000220dc2adf1413e6ceb2f77c
SHA1 82a70cdc1833f64fd18d2c102344e9f7e50228ea
SHA256 9d591bfe612b768099b0e2036c2c4b3f473c59e132f182544d04714960560bb1
SHA512 c6f0fdf83c1895c44e030634be42a813bebd4998f7b37f9f31ed23d4dd12a5d927e416a4982699edfdff19ade8334aa357b33680d97750d7e4b5491d9ee84130

F:\LDPlayer\LDPlayer9\dnmultiplayer.exe

MD5 77138e2662cdeffd61cf6210ae3fb8ca
SHA1 a085b99630efc74cedd0be9a0eeb57eff7b3850f
SHA256 68c83685da55573ae966db3113ee513dd76ba489024373968e527bd44d814724
SHA512 a4621910aa3ae4b5dfa558e69d0270717341467cf067d9397e2bbf118f789c87eef8750ecb25ffd9c60f51f35ceb40b211ce9a738116c4dfc06e543ac90d1bcc

F:\LDPlayer\LDPlayer9\dnplayer.exe

MD5 6fe5ee1daf303963482ffc414b1f4aed
SHA1 076ebaeeb02853d96e20085fbedaf7e61f3a60d3
SHA256 2685e5c1aa3cdead02024f21abadb413c6dc130946f7b44ca01b0cea64bdd2ae
SHA512 8bc6758c95a53ebcd6b6fd27bdd3165f91bcd8f370d677afb7d599865b57ecad274eb21502235eeb64ad2624046cafa9f14576221b1503e333815df5a6dfe134

C:\Users\Admin\AppData\Roaming\XuanZhi9\ldopengl32x.dll

MD5 b2e3ba2084f827f2e46a917983363f0b
SHA1 41fd27f8688b7a755abc0acc72a2a6a0e1045c78
SHA256 7daa3d35584a7e87c3e8e3afeb436d088209966471d6c766328087823f1f3e73
SHA512 4aea989bda6efc91836264f04f23fb3760764e3ef7809f618ad949c2e64b5a167fe5d054607535ec22fea4942d9ddc5ea7f70a1f529ee23633c1cd275d90e508

F:\LDPlayer\LDPlayer9\vms\leidian0\sdcard.vmdk

MD5 4d592fd525e977bf3d832cdb1482faa0
SHA1 131c31bcff32d11b6eda41c9f1e2e26cc5fbc0ef
SHA256 f90ace0994c8cae3a6a95e8c68ca460e68f1662a78a77a2b38eba13cc8e487b6
SHA512 afa31b31e1d137a559190528998085c52602d79a618d930e8c425001fdfbd2437f732beda3d53f2d0e1fc770187184c3fb407828ac39f00967bf4ae015c6ba77

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000186

MD5 5730615dc0f2a7841ccefa2564c0767e
SHA1 072ad6e1e8b062b4e9fd38568398b3982118319b
SHA256 1d4f1a8a04ab19cecffe2b2abfc2bca6e58a2223863524a5c4884e234a2f1824
SHA512 87ba2f3e3f1bd61dce7f49c09c9153a9abd168f0c49ea5390fc0e16c9c78f5ca5a997354cadfd997fdfa9f53afa7aed3ab3198ca3329c701dfb971fd580be372

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00018f

MD5 f6af60d6accd732b1f2096d982844838
SHA1 173a76ec72c5b1a0c974f30b3b9d87c19ee5820c
SHA256 38a3ecca58fd6c657f889513c0805bcded1eaf716052ea5e7e7a34d90df4f3d4
SHA512 a2c389db9d935215f44bb1fff473f0b186bd0a66daedac8154647be04492bda3005979ff99895d80e7241ae8db0a7911c4ba84d04fd8bf7c61e532fc1a83f50e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000187

MD5 010d7cad6a1b63adac6ea2d14e9e51d7
SHA1 9381048e1f1773012b22874741f9b7e8eff5db46
SHA256 d9730da175fdd691019c71e86411ea4b092fdd8ce2846446e79c45d3d82f1134
SHA512 2d7acac6be168914830503d85dcac7dc0655df951b023f47ba1398f42fed4cabb43c8df599740e2ccac1952786057589d860e1b9a4589384075dbfbd56ece3f2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000190

MD5 14724296881807f9a9042258c9f612e8
SHA1 1021b0abb265b54970d630f3e439e43e5c71c919
SHA256 66abc9453f0935c3affbfe5f03731914065c9bd4878721142d45ea1cd6b2945d
SHA512 92eca400459725537bd8a38fa04b913f23366980e8bd458ac8088a20f411654776119161dadd58aaa4b6f79f315d9babda79dce6e565b71319a8140760bf9457

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000193

MD5 6b9c9cb1156b887985fabce7a100fa90
SHA1 1a5360c8d4e3e6f4ba48857bc6eebc73695ac1b9
SHA256 2b274c4e1cf56a8b0983f00a51acb92a52088ad84e3af58deb6f543be5cc2fcb
SHA512 2a3818a62abf2133e388c7578df605a09c0c9e16d1bb200833c08cfeea9831d8dc3096765fd73669882bb24f1556c2fb3f1de2d8569110dfdd88e035fc2956c6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000195

MD5 dae367b5357782884e8362d33fe2a909
SHA1 4aee94523eb71a119dbde43566664b1c10b88aef
SHA256 7d1d52775467fe22501bd747aef0746189296b606b29b5035416b523e9edd698
SHA512 41287efe0795692c19200d4e6a0123b2638b2e55c606fa90bda2711c4109adc60228b0ebc0deec30b9ad9c32207ac5620a89ae9105a744b1a36b8b18b839e13b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000198

MD5 6c2192ae0cd76e629b48aa3c54bce4d9
SHA1 000ec15075e47b5b69f1f837c10c149dbe677e20
SHA256 36893b631aa46ef4c95f071e4319586b1411a24c3705d20e2c900f19c49dddc7
SHA512 4d7d2d45b5e782e4dac7f8b262d8a7229d33f38c0963b660d49d2dad0d7ec3c53385febed8fbfa8b772463f668c8b89f580bf4612eb3b81997ca4e13770cbe9a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000196

MD5 4e091fa7382c3e22ab53ff65ad594700
SHA1 37fa4babf99073d0b0a1a9e2dc280f18c2e8a569
SHA256 763f7d6f7b724ac2a91c3a50d2d271e22e1b678edf1f79e18309d7341300b230
SHA512 8f76bc69871d21670667ee93f1b9deae2a83175832bf8b4b23ec4cbf1bc86a740b733a39dfa124d5251f0759087be859b004bb0cf935c1ac792a2f0b33d7544b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000194

MD5 2fe80982e7c9a69dd61f5797d4ecf963
SHA1 5a4399532a4eb5fe623b745344ad24076ced5732
SHA256 08d0c271527fca86eab6102bfae0915591a6814ea11d12e41dba02dca352a26b
SHA512 358f4ce628966f5dedb982dae904783d0741585066b801be0b9460272722afb87db4d117b74ad81513eff7c30315abafd148eaeaade10dfc6f62f2213749525d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000199

MD5 617e8125e10875bbfa5caa7c098f0f7b
SHA1 6284fdcf08cd548fbfedf6cbc5540a7facf4f9ca
SHA256 e61c9af8d18b7cfa5f6b749c8b7d5444bbdcbe1a66c5ddcd3785361d40d2359d
SHA512 d5dd227a352383d119f99675b558b3f9192798d0ebadab3fd43f4f2c5310d31be2e450ce7d2b55069417f4e2b3c8847ff0b3e0e4be271c75b50da87b892e565d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00019a

MD5 c5aca16c1c678d85b8b706953c37cc62
SHA1 7e56feff65c096baddc08b0d0627d83f45cf204f
SHA256 cb8fe39d9b898b1e3a261a921c89bae7a3a3f88ec14a2807894163bb345c73b2
SHA512 434a85bfda0daafdd8230c8630c7ca12b793ed185d5cf755ba288e6161dc739c53d24e1fe254bad8eaca7291f6723a4f8e19d9a9667f402a201a6fe2cb783456

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 993d22faa3c26f405d01e0ba35dafb86
SHA1 4c13e0bc3b474615d0ca94d7a10dbcc1e538e46f
SHA256 6f01854ca12cd409fad8c6123c03046663614d914159bbeb8171ec1eece78e02
SHA512 14051d7c5c3f155b217707bf153f39f88d9f447c2a129bdeb9d0a7df394e312ad96c29fb665cf50dc4c3f5644718300818d52ae2b747eedd06f886dabd8c55ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001a0

MD5 da9b81ecd9a7a31cf29fa93bffb9e4db
SHA1 97b2e7e0f78bf1a6bcdc1c0b9004bb7564586e6b
SHA256 0c5991824d1f68e8840161475bc890d9547a23159b03392a2504b4b371a33218
SHA512 cc7af666b62a175b90a60e85b145a8d25c4842555e057ff0e42ccd000750cab73b539c79140bef2315ee0353d67918de12f50d76f1fa21931cd65ea6d8c5aada

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001a5

MD5 eced6db395c8ef53a175b1702e30d015
SHA1 78487075f4df4a76c2f38b775f9aaaddcf8e0d5c
SHA256 3dfafdd876d82f0af3e9ca1a3603e69ec3814a81956426743f38f424af930f79
SHA512 4c9225cf90fde924da7472409f740732f373f7a67f10628d5ad09536c2733d26ac9d5eda23238720f8ad7d0ea18942140dac0932a941c3768b9cac5210c96b62

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001d6

MD5 cfa2ab4f9278c82c01d2320d480258fe
SHA1 ba1468b2006b74fe48be560d3e87f181e8d8ba77
SHA256 d64d90cc9fa9be071a5e067a068d8afda2819b6e9926560dd0f8c2aaabeca22e
SHA512 4016e27b20442a84ea9550501eded854f84c632eeced46b594bcd4fc388de8e6a3fbfe3c1c4dbd05f870a2379034893bfd6fd73ac39ef4a85cbf280ab8d44979

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7a46dcd3f230950ab74fee9a1d1666c6
SHA1 0ef5b27c98e2fe391b86156a4f325ef1b47c2abe
SHA256 d653ed2d4587eee2e3137f7cbb16335c4a3e3e08cf69902096c5118fea6cf066
SHA512 16f00e2d9ef3e94dc332c71957398caa62d6d58d7a5644e508010f6e903fd98a2444405b7473919e08de383af6f737901b82e47ddbeecda5c33d55d9faa67e58

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001a8

MD5 7a750eccd64bcb7c0e63cd91332760a7
SHA1 5f2011e1fae2c39e8d31be418abcc70b0db602f8
SHA256 3e20cba32209388ea78a2bc727f5cb6d9bb9adfe9885dc625ca29bce0b439f41
SHA512 885c81364d57037a5c071c0c771e36c77405104f03f712baa7f339c7ecbc94fb7291009be144e23ab9290a08c174c841b1fb60e6d811aa790504ba67f1939932

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001ac

MD5 3e278232b923045fdb147ced2de48ff3
SHA1 50147909ffaa89b12dabf791713bc9f432a2584f
SHA256 7651fb801c085f984488083c5489cb6b94414e4e5c20e32f5507202642c6bc8c
SHA512 a6e78cedcbac1cb58a178a9bcb024b3d6f595013c9bc162a6bbab714cbda057cc40248768d7baa69a85827e24ed81e4d50502bf6b3c7f671b48a80d7ac1c8fe3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001d7

MD5 8a42ba5472aa4afa3d3ac12f31d47408
SHA1 2add574424ac47c1e83b0b7fae5d040c46ac38a7
SHA256 759bfec59bce5ddea7751b7f93408074a8c27cb2c387b08b6b9f4aa111266ec4
SHA512 3e1081a6e1c29f6dae28ab997c551a6d107d4f4b7e0981a19ba81a30a4e420dee1791321dca8f4b500c9e7e4a41c5e5c75013a72e5a5cde3f7e6c50393eb10b0

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 f90f2b9d2a6cbc4a0560b15e5a755774
SHA1 ab3111db84a9c7e218ee7e166b8c48e57801043a
SHA256 8c3d3cbe9845d5df3501f954203027874d7c83da89fcc60bac91e6d626012ae5
SHA512 bffc4ca813b9c7108f4502fdd0b041f36d4588768f88d9ae1228b6192d36b36e54251abbc92105424cb00a232741d0145567395f8f390cb38ee9cd0c6fbe1737

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 b98f465280d682d71c9c9f74231e82c9
SHA1 4ad49d6b5ab35a1c131ea9397b303cd127d7f06c
SHA256 74ca749e1bf7bdc86f099516d93971057e339d98a0f7b4096ce3502ded915044
SHA512 d85ddc0d699cf33fc7a02cfa34f4f585ad3b687dd19650db0ca802bcf5f057001187fc3363c7a89d5ebe09d3957c74405083c415ef9773639e2cfd859c0148fd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 aee35de99cf905d1c484f5e8a4f6b471
SHA1 94ff0046c72a8d90df816321aaf13add39ebc0bf
SHA256 b25786207be80ab1fd19a17ceaf5ffee23987e6cf68fe67bee5527981a06e06b
SHA512 ffbfd2117333381e29ebe824185581f08f6debafb6dce3a3a8a38181961806d075e4f9f1065918bf8da63a6ac39a12b6b37e5c33c6abaabbb7caa9c2693e013f