Malware Analysis Report

2025-03-15 04:00

Sample ID 240826-f8peraygqq
Target MurGaa Auto Clicker.app.zip
SHA256 eee5324309fbd237b7e1e00fc1b3b60f03fa43bb25d3a4ee5c4f45efe68c6e32
Tags
defense_evasion discovery motw persistence phishing
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

eee5324309fbd237b7e1e00fc1b3b60f03fa43bb25d3a4ee5c4f45efe68c6e32

Threat Level: Shows suspicious behavior

The file MurGaa Auto Clicker.app.zip was found to be: Shows suspicious behavior.

Malicious Activity Summary

defense_evasion discovery motw persistence phishing

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Mark of the Web detected: This indicates that the page was originally saved or cloned.

Enumerates connected drives

Adds Run key to start application

Drops file in System32 directory

Checks system information in the registry

Subvert Trust Controls: Mark-of-the-Web Bypass

Drops file in Windows directory

Drops file in Program Files directory

Enumerates physical storage devices

System Location Discovery: System Language Discovery

Browser Information Discovery

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious behavior: EnumeratesProcesses

NTFS ADS

Uses Volume Shadow Copy WMI provider

Suspicious use of WriteProcessMemory

Checks processor information in registry

Enumerates system info in registry

Suspicious behavior: AddClipboardFormatListener

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Uses Volume Shadow Copy service COM API

Modifies registry class

Suspicious use of SetWindowsHookEx

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of AdjustPrivilegeToken

Modifies data under HKEY_USERS

Uses Task Scheduler COM API

Modifies Internet Explorer settings

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-26 05:32

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-26 05:32

Reported

2024-08-26 05:45

Platform

win11-20240802-en

Max time kernel

774s

Max time network

777s

Command Line

C:\Windows\Explorer.exe /idlist,,"C:\Users\Admin\AppData\Local\Temp\MurGaa Auto Clicker.app.zip"

Signatures

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\FastSRV.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\fast!.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\Fast!.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup (2).exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Windows\CurrentVersion\Run\PCAppStore = "\"C:\\Users\\Admin\\PCAppStore\\PCAppStore.exe\" /init default" C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Windows\CurrentVersion\Run\PcAppStoreUpdater = "\"C:\\Users\\Admin\\PCAppStore\\AutoUpdater.exe\" /i" C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Windows\CurrentVersion\Run\Watchdog = "\"C:\\Users\\Admin\\PCAppStore\\Watchdog.exe\" /guid=ECB443AD-7C99-4A47-9F82-4D321990D32EX /rid=20240826054102.672241111656 /ver=fa.1091v" C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A

Checks installed software on the system

discovery

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\G: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\H: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\J: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\K: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\L: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\M: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\O: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\R: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\X: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\Y: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\Z: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\F: C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
File opened (read-only) \??\A: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\I: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\P: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\T: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\E: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\Q: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\U: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\V: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\B: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\N: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\S: C:\Program Files (x86)\Fast!\Fast!.exe N/A
File opened (read-only) \??\W: C:\Program Files (x86)\Fast!\Fast!.exe N/A

Mark of the Web detected: This indicates that the page was originally saved or cloned.

phishing motw
Description Indicator Process Target
N/A https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html N/A N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Fast!\nwjs\nw.dll C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\es.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\fil.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\fast!.exe C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\d3dcompiler_47.dll C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\bg.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\te.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\el.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\el.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\hu.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\it.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\kn.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\ro.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\vulkan-1.dll C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\ca.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\icons\info-logo.svg C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\sv.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\sw.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\icons\logo.svg C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\cs.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\es-419.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\es-419.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\sl.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\th.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\css\normalize.css C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\icudtl.dat C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\am.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\sr.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\uninstaller.exe C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\fa.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\pt-PT.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\swiftshader\libGLESv2.dll C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\notify.html C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\ja.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\zh-CN.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\en-US.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\et.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\hr.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\pl.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\ru.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\css\notification.css C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\libEGL.dll C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\de.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\images\survey-bg.png C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\images\all-circles-transparent-bg.png C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\images\survey-bg-second-bg.png C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\hr.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\lv.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\images\exit-popup-bg.png C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\bg.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\de.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\ar-XB.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\et.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\hi.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\ko.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\icons\checkbox.svg C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\icons\fast.svg C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\FastSRV.exe C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\af.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\ui\images\header-bg.png C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\ms.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\pt-BR.pak C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\pt-BR.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
File created C:\Program Files (x86)\Fast!\nwjs\locales\sr.pak.info C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Setup.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Setup (2).exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Fast!\Fast!.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Setup (2).exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\Setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\DllHost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Fast!\fast!.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\cmd.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Fast!\FastSRV.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\GPU\Revision = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\StaleCompatCache = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\IECompatVersionLow = "395196024" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\VersionManager\FirstCheckForUpdateLowDateTime = "1925145559" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy\HomepagesUpgradeVersion = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPMigrationVer = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\BrowserEmulation C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\GPU\SubSysId = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\CVListDomainAttributeSet = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\StaleCompatCache = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\Main\OperationalData = "8" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\GPU\VendorId = "4318" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\Main\OperationalData = "13" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\GPU\DeviceId = "140" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\VersionManager\FirstCheckForUpdateHighDateTime = "31127482" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\IECompatVersionHigh = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\CVListXMLVersionLow = "395196024" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\CVListXMLVersionHigh = "268435456" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\VersionManager C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\Main\DisableFirstRunCustomize = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\Main\OperationalData = "9" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\IECompatVersionLow = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\GPU\SoftwareFallback = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\IECompatVersionHigh = "268435456" C:\Program Files\Internet Explorer\iexplore.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133691244742925787" C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files (x86)\Fast!\nwjs\nw.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1287768749-810021449-2672985988-1000\{61562294-D96E-45A1-8D1D-6A1DE5183F9C} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000_Classes\Local Settings\MuiCache C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-1287768749-810021449-2672985988-1000\{56778B09-5BB2-4767-9983-5395B64FF943} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{ECB443AD-7C99-4A47-9F82-4D321990D32EX} C:\Program Files (x86)\Fast!\Fast!.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 45531.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 94980.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 456467.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Setup.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 428001.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 263106.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Setup (2).exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A
N/A N/A C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\Downloads\Setup.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\Watchdog.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\download\SetupEngine.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Program Files (x86)\Fast!\Fast!.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeSecurityPrivilege N/A C:\Windows\system32\msiexec.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeManageVolumePrivilege N/A C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\PcAppStore.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A
N/A N/A C:\Users\Admin\PCAppStore\nwjs\NW_store.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1804 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 4076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 1952 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 2484 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 2484 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1804 wrote to memory of 844 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Uses Volume Shadow Copy WMI provider

ransomware

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Windows\Explorer.exe

C:\Windows\Explorer.exe /idlist,,"C:\Users\Admin\AppData\Local\Temp\MurGaa Auto Clicker.app.zip"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9176c3cb8,0x7ff9176c3cc8,0x7ff9176c3cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1940 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2284 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2500 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4904 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4588 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5208 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5352 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3580 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=3588 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004D0 0x00000000000004D4

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5144 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5652 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6544 /prefetch:1

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6552 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7036 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3452 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7524 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7764 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7860 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=7648 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7336 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7396 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8472 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8640 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9044 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9480 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8888 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8860 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9772 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8504 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8112 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6972 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8176 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7196 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6800 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8152 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9500 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10600 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6500 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9532 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10908 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11244 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10764 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7032 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11348 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10620 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7980 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8288 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7492 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11828 /prefetch:1

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe

"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1932,10069078243419055760,8725483276810371647,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3848 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9176c3cb8,0x7ff9176c3cc8,0x7ff9176c3cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1896 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2276 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2504 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4912 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4940 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4272 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5564 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2896 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4244 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5828 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5920 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6040 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5176 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6660 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6956 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6852 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5244 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4240 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6764 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5860 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6604 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5156 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7008 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6228 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6664 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6824 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4376 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5044 /prefetch:8

C:\Users\Admin\Downloads\Setup.exe

"C:\Users\Admin\Downloads\Setup.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" https://pcapp.store/installing.php?guid=ECB443AD-7C99-4A47-9F82-4D321990D32EX&winver=22000&version=fa.1091v&nocache=20240826054043.226&_fcid=1724650558844415

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff9176c3cb8,0x7ff9176c3cc8,0x7ff9176c3cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6372 /prefetch:1

C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp

"C:\Users\Admin\AppData\Local\Temp\nsgC7C4.tmp" /internal 1724650558844415 /force

C:\Users\Admin\PCAppStore\PcAppStore.exe

"C:\Users\Admin\PCAppStore\PcAppStore.exe" /init default

C:\Users\Admin\PCAppStore\Watchdog.exe

"C:\Users\Admin\PCAppStore\Watchdog.exe" /guid=ECB443AD-7C99-4A47-9F82-4D321990D32EX /rid=20240826054102.672241111656 /ver=fa.1091v

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

.\nwjs\NW_store.exe .\ui\.

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" /prefetch:4 --monitor-self --monitor-self-argument=--type=crashpad-handler "--monitor-self-argument=--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" --monitor-self-argument=/prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\pc_app_store\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" --annotation=plat=Win64 --annotation=prod=pc_app_store --annotation=ver=0.1.0 --initial-client-data=0x26c,0x270,0x274,0x268,0x278,0x7ff902e2a960,0x7ff902e2a970,0x7ff902e2a980

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\pc_app_store\User Data" /prefetch:4 --no-periodic-tasks --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\pc_app_store\User Data\Crashpad" --annotation=plat=Win64 --annotation=prod=pc_app_store --annotation=ver=0.1.0 --initial-client-data=0x1d8,0x1dc,0x1e0,0x1d4,0x1e4,0x7ff7c7ec8a60,0x7ff7c7ec8a70,0x7ff7c7ec8a80

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=gpu-process --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1780 --field-trial-handle=1784,i,6960389129983529813,4000271670794057146,262144 --variations-seed-version /prefetch:2

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --mojo-platform-channel-handle=1936 --field-trial-handle=1784,i,6960389129983529813,4000271670794057146,262144 --variations-seed-version /prefetch:3

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=2272 --field-trial-handle=1784,i,6960389129983529813,4000271670794057146,262144 --variations-seed-version /prefetch:8

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --nwjs --extension-process --no-appcompat-clear --no-sandbox --file-url-path-alias="/gen=C:\Users\Admin\PCAppStore\nwjs\gen" --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2920 --field-trial-handle=1784,i,6960389129983529813,4000271670794057146,262144 --variations-seed-version /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=3892 /prefetch:2

C:\Windows\system32\msiexec.exe

C:\Windows\system32\msiexec.exe /V

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=4420 --field-trial-handle=1784,i,6960389129983529813,4000271670794057146,262144 --variations-seed-version /prefetch:8

C:\Users\Admin\PCAppStore\download\SetupEngine.exe

"C:\Users\Admin\PCAppStore\download\SetupEngine.exe"

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{60A90A2F-858D-42AF-8929-82BE9D99E8A1}

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://veryfast.io/installing.html?guid=ECB443AD-7C99-4A47-9F82-4D321990D32EX&_fcid=

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff9176c3cb8,0x7ff9176c3cc8,0x7ff9176c3cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6832 /prefetch:1

C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe

"C:\Users\Admin\AppData\Local\FAST!\Temp\SetupEngine.exe" /fcid /instdir C:\Program Files (x86)\Fast! /startup 1

C:\Windows\SysWOW64\cmd.exe

cmd /c "C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe -c100M -b4K -t1 -r -o32 -d10 -ag -h -Rxml C:\Users\Admin\AppData\Local\FAST!\Temp\testfile.temp" > C:\Users\Admin\AppData\Local\FAST!\Temp\dskres.xml

C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe

C:\Users\Admin\AppData\Local\FAST!\Temp\diskspd.exe -c100M -b4K -t1 -r -o32 -d10 -ag -h -Rxml C:\Users\Admin\AppData\Local\FAST!\Temp\testfile.temp

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=5016 --field-trial-handle=1784,i,6960389129983529813,4000271670794057146,262144 --variations-seed-version /prefetch:8

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --mojo-platform-channel-handle=5020 --field-trial-handle=1784,i,6960389129983529813,4000271670794057146,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://veryfast.io/installed.php?guid=ECB443AD-7C99-4A47-9F82-4D321990D32EX&_fcid=

C:\Program Files (x86)\Fast!\FastSRV.exe

"C:\Program Files (x86)\Fast!\FastSRV.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff9176c3cb8,0x7ff9176c3cc8,0x7ff9176c3cd8

C:\Program Files (x86)\Fast!\fast!.exe

"C:\Program Files (x86)\Fast!\fast!.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1

C:\Program Files (x86)\Fast!\Fast!.exe

"C:\Program Files (x86)\Fast!\Fast!.exe"

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" ui\.

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\FAST!\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\FAST!\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\FAST!\User Data" --annotation=plat=Win64 --annotation=prod=FAST! --annotation=ver= --initial-client-data=0x270,0x274,0x278,0x26c,0x27c,0x7ff90458a970,0x7ff90458a980,0x7ff90458a990

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=gpu-process --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --start-stack-profiler --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1844 --field-trial-handle=1848,i,15585587074654377885,8416093023992434473,262144 /prefetch:2

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --start-stack-profiler --mojo-platform-channel-handle=2028 --field-trial-handle=1848,i,15585587074654377885,8416093023992434473,262144 /prefetch:8

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --mojo-platform-channel-handle=2128 --field-trial-handle=1848,i,15585587074654377885,8416093023992434473,262144 /prefetch:8

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --nwjs --extension-process --first-renderer-process --no-sandbox --file-url-path-alias="/gen=C:\Program Files (x86)\Fast!\nwjs\gen" --no-zygote --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3064 --field-trial-handle=1848,i,15585587074654377885,8416093023992434473,262144 /prefetch:1

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --mojo-platform-channel-handle=4004 --field-trial-handle=1848,i,15585587074654377885,8416093023992434473,262144 /prefetch:8

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --mojo-platform-channel-handle=4208 --field-trial-handle=1848,i,15585587074654377885,8416093023992434473,262144 /prefetch:8

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --mojo-platform-channel-handle=616 --field-trial-handle=1848,i,15585587074654377885,8416093023992434473,262144 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6704 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004D0 0x00000000000004D4

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6216 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7608 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1656 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7768 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6612 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8400 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7792 /prefetch:1

C:\Users\Admin\PCAppStore\nwjs\NW_store.exe

"C:\Users\Admin\PCAppStore\nwjs\NW_store.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\pc_app_store\User Data" --nwapp-path=".\ui\." --no-appcompat-clear --start-stack-profiler --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=4208 --field-trial-handle=1784,i,6960389129983529813,4000271670794057146,262144 --variations-seed-version /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8068 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7816 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8964 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8240 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7856 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8448 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7976 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8716 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8960 /prefetch:8

C:\Program Files (x86)\Fast!\nwjs\nw.exe

"C:\Program Files (x86)\Fast!\nwjs\nw.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-sandbox --user-data-dir="C:\Users\Admin\AppData\Local\FAST!\User Data" --nwapp-path="ui\." --start-stack-profiler --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=928 --field-trial-handle=1848,i,15585587074654377885,8416093023992434473,262144 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1880,4912235937099325056,12180188564466620463,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4872 /prefetch:8

C:\Users\Admin\Downloads\Setup (2).exe

"C:\Users\Admin\Downloads\Setup (2).exe"

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\Desktop\GrantPop.gif

C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE

"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\Desktop\ResumeNew.odt"

Network

Country Destination Domain Proto
US 8.8.8.8:53 75.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
GB 92.123.142.121:443 www.bing.com tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 150.171.27.10:443 tse1.mm.bing.net tcp
GB 92.123.142.138:443 th.bing.com tcp
GB 92.123.142.186:443 www.bing.com tcp
GB 92.123.142.186:443 www.bing.com tcp
GB 92.123.142.138:443 th.bing.com tcp
US 13.107.5.80:443 services.bingapis.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
GB 92.123.142.138:443 th.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 104.31.16.1:443 soap2day.pe tcp
US 104.31.16.1:443 soap2day.pe tcp
US 8.8.8.8:53 connect.facebook.net udp
FR 142.250.179.68:443 www.google.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 151.101.193.229:443 cdn.jsdelivr.net tcp
GB 108.138.217.99:443 platform-api.sharethis.com tcp
FR 142.250.179.68:443 www.google.com udp
IE 34.252.98.56:443 l.sharethis.com tcp
GB 18.245.143.68:443 buttons-config.sharethis.com tcp
US 8.8.8.8:53 229.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 99.217.138.108.in-addr.arpa udp
US 8.8.8.8:53 226.21.18.104.in-addr.arpa udp
US 8.8.8.8:53 6.39.156.108.in-addr.arpa udp
US 172.64.154.167:443 www2.bing.com tcp
US 172.64.154.167:443 www2.bing.com tcp
GB 18.165.201.52:443 platform-cdn.sharethis.com tcp
GB 18.165.201.52:443 platform-cdn.sharethis.com tcp
GB 18.165.201.52:443 platform-cdn.sharethis.com tcp
GB 18.165.201.52:443 platform-cdn.sharethis.com tcp
GB 18.165.201.52:443 platform-cdn.sharethis.com tcp
GB 18.165.201.52:443 platform-cdn.sharethis.com tcp
GB 18.154.84.3:443 count-server.sharethis.com tcp
US 151.101.193.229:443 cdn.jsdelivr.net udp
GB 108.138.217.99:443 platform-api.sharethis.com tcp
DE 157.240.27.27:443 connect.facebook.net tcp
US 104.21.33.77:443 megacloud.tv tcp
US 151.101.2.114:443 ssl.p.jwpcdn.com tcp
US 151.101.2.114:443 ssl.p.jwpcdn.com tcp
US 151.101.2.114:443 ssl.p.jwpcdn.com tcp
US 104.26.12.113:443 cca.megaresources.co tcp
US 104.26.12.113:443 cca.megaresources.co tcp
US 104.26.12.113:443 cca.megaresources.co tcp
US 104.26.1.78:443 ao.bigtimedelivery.net tcp
US 104.21.37.27:443 referto.ai tcp
US 104.22.72.157:443 kk8.zurmot54.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
GB 173.222.211.40:443 aefd.nelreports.net tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
GB 173.222.211.40:443 aefd.nelreports.net udp
FR 162.19.58.157:443 i.ibb.co tcp
US 104.21.5.50:443 img.1flix.to tcp
US 104.21.5.50:443 img.1flix.to tcp
US 172.67.142.245:443 use.fontawesome.com tcp
US 104.18.10.207:443 stackpath.bootstrapcdn.com tcp
FR 142.250.201.170:443 ajax.googleapis.com tcp
US 172.67.142.245:443 use.fontawesome.com tcp
IE 34.252.98.56:443 l.sharethis.com tcp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 216.239.34.36:443 region1.google-analytics.com udp
FR 142.250.179.68:443 www.google.com udp
GB 18.245.143.68:443 buttons-config.sharethis.com tcp
GB 163.70.147.35:443 www.facebook.com tcp
US 104.21.37.27:443 referto.ai tcp
US 104.21.37.27:443 referto.ai tcp
US 104.22.39.80:443 nm.trixlep92.click tcp
US 172.67.186.46:443 solarvpn.com tcp
US 172.67.150.112:443 static.solarvpn-cd.net tcp
US 172.67.150.112:443 static.solarvpn-cd.net tcp
US 172.67.150.112:443 static.solarvpn-cd.net tcp
US 172.67.150.112:443 static.solarvpn-cd.net tcp
US 172.67.150.112:443 static.solarvpn-cd.net tcp
US 172.67.150.112:443 static.solarvpn-cd.net tcp
US 104.21.19.128:443 solarvpn.com tcp
US 104.21.19.128:443 solarvpn.com tcp
US 104.21.19.128:443 solarvpn.com tcp
GB 92.123.142.74:443 th.bing.com tcp
US 204.79.197.200:443 bing.com tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 151.101.65.91:443 sc.sftcdn.net tcp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 www.clarity.ms udp
US 8.8.8.8:53 bat.bing.com udp
US 151.101.129.91:443 sc.sftcdn.net tcp
US 151.101.129.91:443 sc.sftcdn.net tcp
US 151.101.129.91:443 sc.sftcdn.net tcp
US 151.101.129.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 199.232.209.91:443 softonic.com tcp
US 199.232.209.91:443 softonic.com tcp
US 151.101.129.91:443 sc.sftcdn.net tcp
US 150.171.28.10:443 bat.bing.com tcp
DE 18.155.145.22:443 sdk.privacy-center.org tcp
US 13.107.246.64:443 www.clarity.ms tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
US 151.101.193.91:443 sc.sftcdn.net tcp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
US 151.101.129.91:443 sc.sftcdn.net udp
US 8.8.8.8:53 9.223.224.13.in-addr.arpa udp
GB 18.172.148.233:443 www.datadoghq-browser-agent.com tcp
GB 13.224.223.9:443 c.amazon-adsystem.com tcp
US 172.67.41.60:443 btloader.com tcp
FR 172.217.18.219:443 storage.googleapis.com tcp
GB 108.156.39.61:443 config.aps.amazon-adsystem.com tcp
US 172.67.69.19:443 ad-delivery.net tcp
US 172.67.69.19:443 ad-delivery.net tcp
US 104.22.52.86:443 cdn.id5-sync.com tcp
US 104.18.33.89:443 www2.bing.com tcp
DE 18.154.168.127:443 api.privacy-center.org tcp
US 8.8.8.8:53 89.33.18.104.in-addr.arpa udp
US 104.18.33.89:443 www2.bing.com tcp
US 8.8.8.8:53 cdn.btmessage.com udp
US 8.8.8.8:53 api.btloader.com udp
US 51.8.64.151:443 h.clarity.ms tcp
US 104.26.6.141:443 cdn.btmessage.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 172.67.69.19:443 ad-delivery.net tcp
US 51.8.64.151:443 h.clarity.ms tcp
US 151.101.193.91:443 sc.sftcdn.net udp
IE 13.74.129.1:443 c.clarity.ms tcp
NL 139.45.197.227:443 notix.io tcp
US 13.107.21.237:443 c.bing.com tcp
FR 142.250.179.65:443 1c8462598cab2b73522efe330b40947e.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 id.crwdcntrl.net udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 static.criteo.net udp
GB 18.172.154.232:443 aax.amazon-adsystem.com tcp
US 34.120.63.153:443 prebid.media.net tcp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
US 172.64.151.101:443 htlb.casalemedia.com tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
DE 178.63.241.79:443 shb.richaudience.com tcp
IE 54.154.198.136:443 ad.360yield.com tcp
NL 185.89.210.153:443 ib.adnxs.com tcp
US 151.101.65.229:443 cdn.jsdelivr.net udp
IE 3.248.89.49:443 ap.lijit.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
FR 142.250.178.130:443 ep1.adtrafficquality.google tcp
GB 18.245.143.83:443 tags.crwdcntrl.net tcp
IE 54.154.69.222:443 id.crwdcntrl.net tcp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
US 172.64.152.89:443 cdn-ima.33across.com tcp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
FR 142.250.201.162:443 googleads.g.doubleclick.net tcp
FR 142.250.201.162:443 googleads.g.doubleclick.net tcp
GB 92.123.143.169:80 apps.identrust.com tcp
FR 142.250.201.162:443 googleads.g.doubleclick.net tcp
FR 216.58.213.78:443 ampcid.google.com tcp
US 216.239.34.36:443 region1.analytics.google.com tcp
BE 74.125.71.155:443 stats.g.doubleclick.net tcp
FR 142.250.201.163:443 www.google.co.uk tcp
FR 142.250.179.97:443 ep2.adtrafficquality.google tcp
BE 74.125.71.155:443 stats.g.doubleclick.net udp
US 35.244.193.51:443 lexicon.33across.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 89.152.64.172.in-addr.arpa udp
US 8.8.8.8:53 79.241.63.178.in-addr.arpa udp
US 8.8.8.8:53 3.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 130.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 222.69.154.54.in-addr.arpa udp
US 8.8.8.8:53 175.203.166.188.in-addr.arpa udp
US 8.8.8.8:53 162.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 169.143.123.92.in-addr.arpa udp
US 8.8.8.8:53 78.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 155.71.125.74.in-addr.arpa udp
US 8.8.8.8:53 163.201.250.142.in-addr.arpa udp
US 8.8.8.8:53 97.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 51.193.244.35.in-addr.arpa udp
US 8.8.8.8:53 129.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 151.84.255.185.in-addr.arpa udp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 142.250.201.162:443 googleads.g.doubleclick.net udp
US 34.120.63.153:443 prebid.media.net udp
IE 52.95.115.255:443 aax-eu.amazon-adsystem.com tcp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
US 151.101.193.108:443 acdn.adnxs.com tcp
DE 162.55.236.225:443 sync.richaudience.com tcp
GB 95.100.244.20:443 contextual.media.net tcp
US 172.64.149.180:443 js-sec.indexww.com tcp
GB 2.18.108.192:443 ads.pubmatic.com tcp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
DE 162.55.236.225:443 sync.richaudience.com tcp
IE 54.75.158.40:443 ce.lijit.com tcp
US 8.8.8.8:53 152.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 8.8.8.8:53 onetag-sys.com udp
US 8.8.8.8:53 secure.adnxs.com udp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 api-2-0.spot.im udp
NL 81.17.55.109:443 ssbsync.smartadserver.com tcp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
GB 92.123.140.147:443 player.aniview.com tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 178.250.1.9:443 dis.criteo.com tcp
GB 185.64.191.214:443 image8.pubmatic.com tcp
IE 34.250.109.179:443 match.prod.bidr.io tcp
US 52.223.40.198:443 match.adsrvr.org tcp
US 54.157.210.214:443 sync.srv.stackadapt.com tcp
US 52.1.95.45:443 api-2-0.spot.im tcp
US 67.202.105.23:443 ssc-cms.33across.com tcp
DE 51.75.86.98:443 onetag-sys.com tcp
US 52.22.3.193:443 cs-server-s2s.yellowblue.io tcp
US 52.22.3.193:443 cs-server-s2s.yellowblue.io tcp
DE 51.75.86.98:443 onetag-sys.com tcp
US 67.202.105.23:443 ssc-cms.33across.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 35.214.149.91:443 x.bidswitch.net tcp
US 52.1.95.45:443 api-2-0.spot.im tcp
IE 34.250.109.179:443 match.prod.bidr.io tcp
US 54.157.210.214:443 sync.srv.stackadapt.com tcp
IE 34.253.170.144:443 jadserve.postrelease.com tcp
US 172.111.38.86:443 tracker.open-adsyield.com tcp
US 151.101.2.49:443 sync-tm.everesttech.net tcp
GB 108.156.39.69:443 s.ad.smaato.net tcp
US 192.132.33.67:443 bttrack.com tcp
US 35.244.174.68:443 id.rlcdn.com tcp
US 172.240.45.78:443 sync.aniview.com tcp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 98.86.75.51.in-addr.arpa udp
US 8.8.8.8:53 45.95.1.52.in-addr.arpa udp
US 8.8.8.8:53 214.210.157.54.in-addr.arpa udp
US 8.8.8.8:53 193.3.22.52.in-addr.arpa udp
US 8.8.8.8:53 23.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 144.170.253.34.in-addr.arpa udp
US 8.8.8.8:53 86.38.111.172.in-addr.arpa udp
US 8.8.8.8:53 49.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 69.39.156.108.in-addr.arpa udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 225.236.55.162.in-addr.arpa udp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
GB 128.116.119.4:443 ncs.roblox.com tcp
FR 164.132.25.184:443 rtb-csync.smartadserver.com tcp
US 151.101.129.91:443 articles-img.sftcdn.net udp
FR 216.58.214.174:443 syndicatedsearch.goog tcp
GB 216.137.44.28:443 css.rbxcdn.com tcp
GB 216.137.44.28:443 css.rbxcdn.com tcp
GB 216.137.44.28:443 css.rbxcdn.com tcp
GB 216.137.44.28:443 css.rbxcdn.com tcp
GB 216.137.44.28:443 css.rbxcdn.com tcp
GB 216.137.44.28:443 css.rbxcdn.com tcp
GB 92.123.143.106:443 static.rbxcdn.com tcp
GB 92.123.143.106:443 static.rbxcdn.com tcp
GB 92.123.143.233:443 js.rbxcdn.com tcp
GB 92.123.143.233:443 js.rbxcdn.com tcp
GB 92.123.143.233:443 js.rbxcdn.com tcp
GB 92.123.143.233:443 js.rbxcdn.com tcp
GB 92.123.143.233:443 js.rbxcdn.com tcp
GB 92.123.143.233:443 js.rbxcdn.com tcp
NL 128.116.21.3:443 ams2-128-116-21-3.roblox.com tcp
GB 92.123.140.107:443 images.rbxcdn.com tcp
GB 92.123.140.107:443 images.rbxcdn.com tcp
GB 92.123.140.107:443 images.rbxcdn.com tcp
GB 216.137.44.28:443 css.rbxcdn.com tcp
GB 128.116.119.4:443 ncs.roblox.com tcp
FR 216.58.214.174:443 syndicatedsearch.goog udp
US 130.211.23.194:443 api.btloader.com udp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
GB 18.245.143.108:443 js.adscale.de tcp
US 172.67.74.173:443 wct.softonic.com tcp
DE 3.64.223.109:443 ih.adscale.de tcp
GB 92.123.140.82:443 apis.rbxcdn.com tcp
US 172.67.74.173:443 wct.softonic.com tcp
GB 128.116.119.8:443 lms.roblox.com tcp
FR 142.250.201.163:443 www.google.co.uk udp
US 8.8.8.8:53 fra4-128-116-44-3.roblox.com udp
US 8.8.8.8:53 lhr2-128-116-119-3.roblox.com udp
US 8.8.8.8:53 aws-us-west-2b-lms.rbx.com udp
US 8.8.8.8:53 iad4-128-116-102-3.roblox.com udp
US 35.244.193.51:443 lexicon.33across.com udp
NL 128.116.21.3:443 ams2-128-116-21-3.roblox.com tcp
US 128.116.45.3:443 mia4-128-116-45-3.roblox.com tcp
US 128.116.101.3:443 ord2-128-116-101-3.roblox.com tcp
US 54.218.50.215:443 aws-us-west-2b-lms.rbx.com tcp
DE 128.116.123.3:443 fra2-128-116-123-3.roblox.com tcp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
GB 128.116.119.3:443 lhr2-128-116-119-3.roblox.com tcp
DE 128.116.44.3:443 fra4-128-116-44-3.roblox.com tcp
GB 128.116.119.3:443 lhr2-128-116-119-3.roblox.com tcp
JP 128.116.120.3:443 nrt1-128-116-120-3.roblox.com tcp
JP 128.116.120.3:443 nrt1-128-116-120-3.roblox.com tcp
US 128.116.102.3:443 iad4-128-116-102-3.roblox.com tcp
GB 92.123.140.8:443 tr.rbxcdn.com tcp
GB 92.123.140.8:443 tr.rbxcdn.com tcp
GB 92.123.140.8:443 tr.rbxcdn.com tcp
GB 128.116.119.8:443 lms.roblox.com tcp
DE 23.88.8.123:443 push-sdk.com tcp
DE 157.90.33.122:443 push-sdk.com tcp
DE 157.90.33.122:443 push-sdk.com tcp
FR 142.250.178.130:443 ep1.adtrafficquality.google udp
NL 139.45.197.227:443 notix.io tcp
DE 51.75.86.98:443 onetag-sys.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
IE 34.250.109.179:443 match.prod.bidr.io tcp
US 54.157.210.214:443 sync.srv.stackadapt.com tcp
US 35.244.174.68:443 id.rlcdn.com udp
FR 216.58.213.66:443 cm.g.doubleclick.net tcp
FR 164.132.25.184:443 rtb-csync.smartadserver.com tcp
FR 216.58.213.66:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 spl.zeotap.com udp
US 216.200.232.253:443 sync.mathtag.com tcp
US 80.77.87.161:443 cs.admanmedia.com tcp
NL 82.145.213.8:443 t.adx.opera.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
NL 35.214.199.88:443 rtb.mfadsrvr.com tcp
US 104.22.50.98:443 spl.zeotap.com tcp
NL 69.173.156.148:443 pixel.rubiconproject.com tcp
FR 154.54.250.80:443 ads.stickyadstv.com tcp
US 209.54.182.161:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 161.182.54.209.in-addr.arpa udp
US 104.26.8.57:443 am5.com tcp
US 104.26.8.57:443 am5.com tcp
US 104.26.11.127:443 imgcdn.abcalphagame.com tcp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
FR 172.217.20.206:443 fundingchoicesmessages.google.com tcp
FR 172.217.20.206:443 fundingchoicesmessages.google.com udp
FR 142.250.178.129:443 lh3.googleusercontent.com tcp
FR 142.250.179.97:443 ep2.adtrafficquality.google udp
US 172.67.207.108:443 marcnorgaard.com tcp
US 172.67.207.108:443 marcnorgaard.com tcp
US 104.26.15.10:443 lib.wtg-ads.com tcp
US 104.26.15.10:443 lib.wtg-ads.com tcp
GB 92.123.143.152:443 consent.cookiebot.com tcp
US 151.101.65.229:443 cdn.jsdelivr.net udp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
GB 23.53.172.14:443 imgsct.cookiebot.com tcp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
US 216.239.34.36:443 region1.analytics.google.com udp
GB 23.53.172.14:443 imgsct.cookiebot.com tcp
FR 216.58.214.161:443 cdn.ampproject.org udp
FR 142.250.178.129:443 lh3.googleusercontent.com udp
US 161.35.127.181:443 veryfast.io tcp
US 161.35.127.181:443 veryfast.io tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 8.8.8.8:53 repcdn.pcapp.store udp
GB 89.187.167.39:443 repcdn.pcapp.store tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
US 8.8.8.8:53 r.bing.com udp
GB 92.123.142.137:443 r.bing.com tcp
US 52.167.30.171:443 fpt.microsoft.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 104.21.95.69:443 youareanidiot.cc tcp
US 104.21.95.69:443 youareanidiot.cc tcp
NL 185.89.210.153:443 secure.adnxs.com tcp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
US 8.8.8.8:53 prebid.media.net udp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
US 34.120.63.153:443 prebid.media.net udp
IE 108.128.33.72:443 ad.360yield.com tcp
FR 142.250.178.129:443 lh3.googleusercontent.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 51.8.64.151:443 h.clarity.ms tcp
US 104.21.95.69:80 fl.youareanidiot.cc tcp
US 104.21.95.69:80 fl.youareanidiot.cc tcp
US 216.239.34.36:443 region1.analytics.google.com udp
GB 104.86.110.96:443 tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
GB 92.123.142.163:443 r.bing.com tcp
GB 92.123.142.163:443 r.bing.com tcp
GB 92.123.142.163:443 r.bing.com tcp
GB 92.123.142.163:443 r.bing.com tcp
GB 92.123.142.163:443 r.bing.com tcp
GB 92.123.142.163:443 r.bing.com tcp
US 20.189.173.8:443 browser.pipe.aria.microsoft.com tcp
US 8.8.8.8:53 222.197.79.204.in-addr.arpa udp
GB 92.123.142.74:443 www.bing.com tcp
US 8.8.8.8:53 th.bing.com udp
GB 92.123.142.80:443 th.bing.com tcp
GB 92.123.142.80:443 th.bing.com tcp
GB 92.123.142.106:443 th.bing.com tcp
GB 92.123.142.106:443 th.bing.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 104.18.33.89:443 www2.bing.com tcp
IE 13.74.129.92:443 r.g.bing.com tcp
GB 104.103.254.225:443 www.avg.com tcp
GB 104.103.254.225:443 www.avg.com tcp
GB 104.103.254.225:443 www.avg.com tcp
GB 104.103.254.225:443 www.avg.com tcp
GB 104.103.254.225:443 www.avg.com tcp
GB 104.103.254.225:443 www.avg.com tcp
GB 104.103.254.225:443 www.avg.com tcp
GB 104.103.254.225:443 www.avg.com tcp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 104.18.87.42:443 cdn.cookielaw.org tcp
US 104.18.87.42:443 cdn.cookielaw.org tcp
GB 104.103.254.225:443 www.avg.com tcp
US 8.8.8.8:53 assets.adobedtm.com udp
GB 95.100.244.132:443 s.go-mpulse.net tcp
GB 2.18.108.226:443 assets.adobedtm.com tcp
GB 54.192.137.4:443 widget.trustpilot.com tcp
US 104.18.32.137:443 geolocation.onetrust.com tcp
US 8.8.8.8:53 42.87.18.104.in-addr.arpa udp
US 8.8.8.8:53 132.244.100.95.in-addr.arpa udp
US 8.8.8.8:53 226.108.18.2.in-addr.arpa udp
US 8.8.8.8:53 c.go-mpulse.net udp
GB 2.18.108.132:443 c.go-mpulse.net tcp
US 8.8.8.8:53 www.nortonlifelock.com udp
IE 34.251.148.170:443 symantec.demdex.net tcp
GB 104.96.172.121:443 www.nortonlifelock.com tcp
US 8.8.8.8:53 www.google.com udp
NL 20.50.2.58:443 mstatic.avg.com tcp
FR 142.250.179.68:443 www.google.com udp
GB 2.18.108.132:443 c.go-mpulse.net tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
FR 142.250.179.68:443 www.google.com tcp
IE 52.212.226.55:443 cm.everesttech.net tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
IE 66.235.152.156:443 oms.avg.com tcp
US 8.8.8.8:53 zn8ksx2qgjavxayw6-gendigital.siteintercept.qualtrics.com udp
US 104.17.209.240:443 zn8ksx2qgjavxayw6-gendigital.siteintercept.qualtrics.com tcp
US 8.8.8.8:53 121.172.96.104.in-addr.arpa udp
US 8.8.8.8:53 170.148.251.34.in-addr.arpa udp
US 8.8.8.8:53 132.108.18.2.in-addr.arpa udp
US 8.8.8.8:53 58.2.50.20.in-addr.arpa udp
US 8.8.8.8:53 55.226.212.52.in-addr.arpa udp
US 8.8.8.8:53 156.152.235.66.in-addr.arpa udp
US 150.171.27.10:443 bat.bing.com tcp
US 34.117.39.58:443 www.upsellit.com tcp
US 34.117.223.223:443 analytics.ff.avast.com tcp
US 172.64.155.119:443 privacyportal-de.onetrust.com tcp
GB 13.224.245.89:443 static.hotjar.com tcp
US 216.239.34.36:443 region1.analytics.google.com udp
US 216.239.34.36:443 region1.analytics.google.com tcp
US 216.239.34.36:443 region1.analytics.google.com udp
BE 74.125.71.155:443 stats.g.doubleclick.net udp
FR 142.250.201.163:443 www.google.co.uk udp
US 216.239.34.36:443 region1.analytics.google.com tcp
BE 74.125.71.155:443 stats.g.doubleclick.net tcp
FR 142.250.201.163:443 www.google.co.uk tcp
GB 18.245.253.79:443 script.hotjar.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 104.26.8.57:443 am5.com tcp
FR 172.217.20.206:443 fundingchoicesmessages.google.com udp
FR 172.217.20.206:443 fundingchoicesmessages.google.com tcp
FR 142.250.178.130:443 ep1.adtrafficquality.google udp
FR 142.250.178.130:443 ep1.adtrafficquality.google tcp
FR 142.250.178.129:443 lh3.googleusercontent.com udp
FR 142.250.178.129:443 lh3.googleusercontent.com tcp
US 104.21.8.176:443 acejoigny.com tcp
US 104.21.8.176:443 acejoigny.com tcp
US 104.21.8.176:443 acejoigny.com tcp
US 172.67.142.245:443 use.fontawesome.com tcp
FR 142.250.179.68:443 www.google.com udp
FR 142.250.179.68:443 www.google.com tcp
US 192.0.73.2:443 www.gravatar.com tcp
GB 92.123.143.152:443 consent.cookiebot.com tcp
GB 23.53.172.14:443 consentcdn.cookiebot.com tcp
US 104.22.52.86:443 cdn.id5-sync.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
FR 142.250.179.65:443 60766393e5e150afd9f43cdb75e4ed8d.safeframe.googlesyndication.com tcp
US 34.102.146.192:443 oa.openxcdn.net tcp
US 172.64.152.89:443 cdn-ima.33across.com tcp
GB 18.245.143.58:443 tags.crwdcntrl.net tcp
BE 74.125.71.155:443 stats.g.doubleclick.net udp
GB 23.53.172.14:443 consentcdn.cookiebot.com tcp
FR 142.250.179.97:443 ep2.adtrafficquality.google udp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
FR 142.250.179.97:443 ep2.adtrafficquality.google tcp
US 34.120.135.53:443 oajs.openx.net tcp
IE 54.75.251.201:443 bcp.crwdcntrl.net tcp
US 34.120.135.53:443 oajs.openx.net udp
US 34.98.64.218:443 google-bidout-d.openx.net tcp
FR 216.58.214.161:443 cdn.ampproject.org udp
FR 216.58.214.161:443 cdn.ampproject.org tcp
FR 142.250.178.129:443 lh3.googleusercontent.com udp
US 172.67.157.161:443 besttoolsforai.com tcp
US 172.67.157.161:443 besttoolsforai.com tcp
US 104.21.8.179:443 besttoolsforai.com tcp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
FR 142.250.178.129:443 lh3.googleusercontent.com udp
US 172.67.157.161:443 besttoolsforai.com tcp
US 151.101.193.229:443 cdn.jsdelivr.net udp
US 172.67.142.245:443 use.fontawesome.com tcp
US 161.35.127.181:443 veryfast.io tcp
US 209.222.21.115:443 pcapp.store tcp
US 45.32.1.23:443 pcapp.store tcp
US 45.32.1.23:443 pcapp.store tcp
GB 89.187.167.39:443 delivery.pcapp.store tcp
GB 84.17.50.9:443 repository.pcapp.store tcp
US 8.8.8.8:53 23.1.32.45.in-addr.arpa udp
US 8.8.8.8:53 168.245.100.95.in-addr.arpa udp
US 8.8.8.8:53 9.50.17.84.in-addr.arpa udp
US 8.8.8.8:53 www.google.co.uk udp
FR 142.250.75.238:443 google.com tcp
FR 142.250.75.238:443 google.com tcp
BE 74.125.71.157:443 stats.g.doubleclick.net udp
FR 142.250.201.163:443 www.google.co.uk udp
US 209.222.21.115:443 pcapp.store tcp
GB 18.244.114.83:443 d74queuslupub.cloudfront.net tcp
US 209.222.21.115:443 pcapp.store tcp
US 8.8.8.8:53 181.178.204.143.in-addr.arpa udp
US 8.8.8.8:53 pcapp.store udp
US 8.8.8.8:53 pcapp.store udp
US 45.32.1.23:443 pcapp.store tcp
US 209.222.21.115:80 pcapp.store tcp
US 209.222.21.115:443 pcapp.store tcp
US 209.222.21.115:443 pcapp.store tcp
US 209.222.21.115:443 pcapp.store tcp
US 209.222.21.115:443 pcapp.store tcp
GB 84.17.50.9:443 repository.pcapp.store tcp
US 8.8.8.8:53 repcdn.pcapp.store udp
US 8.8.8.8:53 repcdn.pcapp.store udp
GB 89.187.167.38:443 repcdn.pcapp.store tcp
GB 89.187.167.38:443 repcdn.pcapp.store tcp
GB 89.187.167.38:443 repcdn.pcapp.store tcp
GB 89.187.167.38:443 repcdn.pcapp.store tcp
GB 89.187.167.38:443 repcdn.pcapp.store tcp
GB 89.187.167.38:443 repcdn.pcapp.store tcp
US 161.35.127.181:80 veryfast.io tcp
US 8.8.8.8:53 repository.pcapp.store udp
US 8.8.8.8:53 repository.pcapp.store udp
GB 89.187.167.38:443 repository.pcapp.store tcp
GB 104.86.110.96:443 tcp
US 8.8.8.8:53 spo-ring.msedge.net udp
US 161.35.127.181:443 veryfast.io tcp
US 13.107.138.254:443 spo-ring.msedge.net tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google udp
US 8.8.8.8:53 38.167.187.89.in-addr.arpa udp
US 8.8.8.8:53 254.138.107.13.in-addr.arpa udp
US 8.8.8.8:53 ev.pcapp.store udp
US 147.182.211.77:443 ev.pcapp.store tcp
GB 89.187.167.38:443 repcdn.veryfast.io tcp
US 150.171.22.254:443 ln-ring.msedge.net tcp
US 8.8.8.8:53 20.160.190.20.in-addr.arpa udp
US 13.107.213.254:443 t-ring-s2.msedge.net tcp
US 161.35.127.181:443 veryfast.io tcp
GB 92.123.142.163:443 www.bing.com tcp
DE 152.199.19.74:80 evcs-ocsp.ws.symantec.com tcp
US 8.8.8.8:53 evcs-crl.ws.symantec.com udp
SE 192.229.221.95:80 evcs-crl.ws.symantec.com tcp
US 8.8.8.8:53 74.19.199.152.in-addr.arpa udp
GB 89.187.167.38:443 repcdn.veryfast.io tcp
US 161.35.127.181:443 veryfast.io tcp
US 147.182.211.77:443 ev.pcapp.store tcp
US 8.8.8.8:53 connect.facebook.net udp
DE 157.240.27.27:443 connect.facebook.net tcp
US 161.35.127.181:443 veryfast.io tcp
US 161.35.127.181:443 veryfast.io tcp
US 161.35.127.181:443 veryfast.io tcp
US 8.8.8.8:53 veryfast.io udp
US 8.8.8.8:53 veryfast.io udp
US 64.227.17.224:443 veryfast.io tcp
US 161.35.127.181:443 veryfast.io tcp
US 161.35.127.181:443 veryfast.io tcp
US 8.8.8.8:53 224.17.227.64.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
US 161.35.127.181:443 veryfast.io tcp
US 8.8.8.8:443 dns.google udp
US 8.8.8.8:443 dns.google udp
US 64.227.17.224:443 veryfast.io tcp
FR 142.250.179.68:443 www.google.com udp
GB 89.187.167.38:443 repcdn.veryfast.io tcp
FR 172.217.20.202:443 tcp
US 147.182.211.77:443 ev.pcapp.store tcp
FR 172.217.20.170:443 udp
GB 92.123.142.91:443 www.bing.com tcp
US 8.8.8.8:53 91.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 th.bing.com udp
GB 92.123.142.89:443 th.bing.com tcp
GB 92.123.142.89:443 th.bing.com tcp
GB 92.123.142.89:443 th.bing.com tcp
GB 92.123.142.89:443 th.bing.com tcp
US 204.79.197.200:443 bing.com tcp
US 8.8.8.8:53 89.142.123.92.in-addr.arpa udp
US 104.18.33.89:443 www2.bing.com tcp
US 104.18.33.89:443 www2.bing.com tcp
US 161.35.127.181:443 veryfast.io tcp
US 161.35.127.181:443 veryfast.io tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 147.182.211.77:443 ev.pcapp.store tcp
US 104.26.3.202:443 appnado.com tcp
US 104.26.3.202:443 appnado.com tcp
US 8.8.8.8:53 code.jquery.com udp
US 8.8.8.8:53 maxcdn.bootstrapcdn.com udp
US 151.101.130.137:443 code.jquery.com tcp
US 151.101.130.137:443 code.jquery.com tcp
US 104.18.10.207:443 maxcdn.bootstrapcdn.com tcp
FR 143.244.56.49:443 root-cdn.appnado.com tcp
FR 143.244.56.49:443 root-cdn.appnado.com tcp
FR 185.93.2.245:443 get.appnado.com tcp
US 34.160.30.67:443 api.fraud0.com tcp
US 34.160.30.67:443 api.fraud0.com tcp
FR 172.217.20.214:443 i.ytimg.com udp
GB 79.127.237.132:443 cdn.seojuice.io tcp
US 8.8.8.8:53 bat.bing.com udp
US 34.160.30.67:443 api.fraud0.com tcp
FR 142.250.75.238:443 www.youtube.com udp
US 172.67.68.196:443 pulse.clickguard.com tcp
US 150.171.27.10:443 bat.bing.com tcp
FR 142.250.75.246:443 i.ytimg.com tcp
BE 74.125.71.157:443 stats.g.doubleclick.net udp
FR 172.217.20.162:443 googleads.g.doubleclick.net udp
FR 142.250.201.163:443 www.google.co.uk udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 172.67.153.151:443 seojuice.io tcp
FR 142.250.201.163:443 www.google.co.uk tcp
US 8.8.8.8:53 245.2.93.185.in-addr.arpa udp
US 8.8.8.8:53 49.56.244.143.in-addr.arpa udp
US 8.8.8.8:53 214.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 67.30.160.34.in-addr.arpa udp
US 8.8.8.8:53 132.237.127.79.in-addr.arpa udp
US 8.8.8.8:53 196.68.67.172.in-addr.arpa udp
US 8.8.8.8:53 246.75.250.142.in-addr.arpa udp
US 8.8.8.8:53 162.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 151.153.67.172.in-addr.arpa udp
US 172.67.68.196:443 pulse.clickguard.com tcp
US 13.107.246.64:443 www.clarity.ms tcp
FR 172.217.20.206:443 fundingchoicesmessages.google.com udp
FR 142.250.179.68:443 www.google.com udp
FR 142.250.179.97:443 ep2.adtrafficquality.google tcp
FR 216.58.214.170:443 jnn-pa.googleapis.com tcp
US 51.8.64.151:443 h.clarity.ms tcp
FR 216.58.214.170:443 jnn-pa.googleapis.com udp
US 104.26.3.202:443 appnado.com tcp
FR 185.93.2.248:443 appnado-root.b-cdn.net tcp
US 51.8.64.151:443 h.clarity.ms tcp
US 172.67.68.196:443 pulse.clickguard.com tcp
FR 172.217.18.194:443 ep1.adtrafficquality.google udp
FR 142.250.179.97:443 ep2.adtrafficquality.google udp
FR 142.250.179.68:443 www.google.com udp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
FR 172.217.20.163:443 p4-hxnbkl7z4jzj2-xjtydblnxrp6pygq-if-v6exp3-v4.metric.gstatic.com tcp
US 74.125.134.94:443 csi.gstatic.com tcp
GB 74.125.175.167:443 rr2---sn-aigzrnsz.googlevideo.com tcp
US 74.125.134.94:443 csi.gstatic.com tcp
US 74.125.134.94:443 csi.gstatic.com tcp
FR 216.58.214.174:443 syndicatedsearch.goog udp
US 8.8.8.8:53 partner.googleadservices.com udp
FR 142.250.201.162:443 partner.googleadservices.com udp
FR 216.58.214.174:443 syndicatedsearch.goog tcp
FR 172.217.20.163:443 p4-hxnbkl7z4jzj2-xjtydblnxrp6pygq-if-v6exp3-v4.metric.gstatic.com udp
US 51.8.64.151:443 h.clarity.ms tcp
US 8.8.8.8:53 167.175.125.74.in-addr.arpa udp
US 8.8.8.8:53 94.134.125.74.in-addr.arpa udp
US 74.125.134.94:443 csi.gstatic.com udp
FR 172.217.18.210:443 p4-hxnbkl7z4jzj2-xjtydblnxrp6pygq-912118-i1-v6exp3.ds.metric.gstatic.com tcp
FR 142.250.178.146:443 p4-hxnbkl7z4jzj2-xjtydblnxrp6pygq-912118-i2-v6exp3.v4.metric.gstatic.com tcp
US 8.8.8.8:53 adclick.g.doubleclick.net udp
US 161.35.127.181:443 veryfast.io tcp
US 147.182.211.77:443 ev.pcapp.store tcp
US 104.18.10.207:443 maxcdn.bootstrapcdn.com tcp
US 34.160.30.67:443 api.fraud0.com udp
FR 142.250.75.246:443 i.ytimg.com udp
US 51.8.64.151:443 h.clarity.ms tcp
US 161.35.127.181:443 veryfast.io tcp
US 51.8.64.151:443 h.clarity.ms tcp
FR 142.250.179.68:443 www.google.com udp
US 8.8.8.8:53 aefd.nelreports.net udp
GB 173.222.211.40:443 aefd.nelreports.net udp
GB 173.222.211.40:443 aefd.nelreports.net tcp
US 8.8.8.8:53 marcnorgaard.com udp
US 172.67.207.108:443 marcnorgaard.com tcp
US 104.26.15.10:443 lib.wtg-ads.com tcp
US 8.8.8.8:53 d29fda6186e46d62c61d8eff34ae5b77.safeframe.googlesyndication.com udp
US 8.8.8.8:53 id5-sync.com udp
DE 141.95.98.65:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
FR 142.250.178.129:443 tpc.googlesyndication.com udp
US 209.222.21.115:443 pcapp.store tcp
US 161.35.127.181:443 veryfast.io tcp
US 45.32.1.23:443 pcapp.store tcp
US 161.35.127.181:443 veryfast.io tcp
US 216.239.34.36:443 region1.analytics.google.com udp
FR 142.250.201.163:443 www.google.co.uk udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google udp
US 161.35.127.181:443 veryfast.io tcp
FR 142.250.201.170:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google udp
FR 142.250.179.106:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 106.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 roaming.officeapps.live.com udp
GB 52.109.28.47:443 roaming.officeapps.live.com tcp
US 8.8.8.8:53 97.32.109.52.in-addr.arpa udp
SE 192.229.221.95:80 evcs-crl.ws.symantec.com tcp
US 8.8.8.8:53 252.15.104.51.in-addr.arpa udp
GB 2.17.209.140:443 metadata.templates.cdn.office.net tcp
US 8.8.8.8:53 binaries.templates.cdn.office.net udp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
GB 173.222.211.24:443 binaries.templates.cdn.office.net tcp
US 8.8.8.8:53 140.209.17.2.in-addr.arpa udp
US 8.8.8.8:53 24.211.222.173.in-addr.arpa udp
US 161.35.127.181:443 veryfast.io tcp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 03a56f81ee69dd9727832df26709a1c9
SHA1 ab6754cc9ebd922ef3c37b7e84ff20e250cfde3b
SHA256 65d97e83b315d9140f3922b278d08352809f955e2a714fedfaea6283a5300e53
SHA512 e9915f11e74c1bcf7f80d1bcdc8175df820af30f223a17c0fe11b6808e5a400550dcbe59b64346b7741c7c77735abefaf2c988753e11d086000522a05a0f7781

\??\pipe\LOCAL\crashpad_1804_QRBENYHNTZCYFCDJ

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d30a5618854b9da7bcfc03aeb0a594c4
SHA1 7f37105d7e5b1ecb270726915956c2271116eab7
SHA256 3494c446aa3cb038f1d920b26910b7fe1f4286db78cb3f203ad02cb93889c1a8
SHA512 efd488fcd1729017a596ddd2950bff07d5a11140cba56ff8e0c62ef62827b35c22857bc4f5f5ea11ccc2e1394c0b3ee8651df62a25e66710f320e7a2cf4d1a77

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0d75c558ada89a4ed72d2908a772c543
SHA1 c2549513b499126e2c08827326d67ddb1c6141cc
SHA256 1d5a3c912345a1912ca9998007c453517b1e2082dd66170cd2562c8c7aa62af7
SHA512 73d6252a80bd1b79e1cbf2d31c8873520bf10b2e94ae208c36cc49a9a3319b650782d291c11c0033593ffb95ae0bbb5444e95d3e4c3d370b6bc4a0641af7c24b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 b28032818e2fb4cad4fbe05681fb6050
SHA1 6825fda8c211d6b83a0696fa7d899a927cfd93db
SHA256 8a05bbd3c13bd17b91d83ba5fe1fe0b293bfd9dc511103ea7eb75b38c77bcf6d
SHA512 aeea1842378d2d5963b081051146f2da891ac51a433710318ef577a089881f768f10e0f52c03cf2a6745584391dd6a713022943b74ea35b497e352f2fd362a23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b4300a2f77d16df978405c46b45855e1
SHA1 a8488d825601cbcb6d58a0d2450bea262cfbb47d
SHA256 bea0cf3d6886e79cf4e19cc93ea7c764326fde2414b8223d998bcc24bea3259c
SHA512 8e806b475308cb12d47b48c95902c12ff15d99f978f36fdc1c7cb6a0be304571ad8507748aa8b94c4e49b4c43a56b995672fafb08a2f7f3bcd1e5457ed41092b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b3365bdab2306e2f06e90161ac0d57d6
SHA1 068db1a25e585c2df22f08ea722c651e0b1d3570
SHA256 31570912938174d231b889d728f63ab70392f145ff8ec3dc4ebc995434a5a3b4
SHA512 b1a57e6e76ce8bb59ea40f9511af4c437cf91ab207457de5a531cd2a019c30b2c5308e91b56ba636e87fbf1ff68feb261015a77ceb726d90d91b4e62716937ca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005

MD5 60f8cd04587a51e31b51d1570d6f889a
SHA1 88574c41d0ab81721b275252464da5c7927a4835
SHA256 27cb4390e32a97375dd4987ae000406933bceba5199f17893711e782333b81cb
SHA512 84c12448ac55dd819749fef9be9919111a3df4bc51e66d2fa9f7376c11c101ed1349cb36aa119aa873cdd6c0c91027e201fbe23c2c83b89bc900a4d9077bcc52

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 ed124bdf39bbd5902bd2529a0a4114ea
SHA1 b7dd9d364099ccd4e09fd45f4180d38df6590524
SHA256 48232550940208c572ebe487aa64ddee26e304ba3e310407e1fc31a5c9deed44
SHA512 c4d180292afa484ef9556d15db1d3850416a85ad581f6f4d5eb66654991fa90f414029b4ce13ed142271a585b46b3e53701735ee3e0f45a78b67baa9122ba532

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 d6b36c7d4b06f140f860ddc91a4c659c
SHA1 ccf16571637b8d3e4c9423688c5bd06167bfb9e9
SHA256 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92
SHA512 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 76a3f1e9a452564e0f8dce6c0ee111e8
SHA1 11c3d925cbc1a52d53584fd8606f8f713aa59114
SHA256 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c
SHA512 a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 710d7637cc7e21b62fd3efe6aba1fd27
SHA1 8645d6b137064c7b38e10c736724e17787db6cf3
SHA256 c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b
SHA512 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000007

MD5 b38fbbd0b5c8e8b4452b33d6f85df7dc
SHA1 386ba241790252df01a6a028b3238de2f995a559
SHA256 b18b9eb934a5b3b81b16c66ec3ec8e8fecdb3d43550ce050eb2523aabc08b9cd
SHA512 546ca9fb302bf28e3a178e798dd6b80c91cba71d0467257b8ed42e4f845aa6ecb858f718aac1e0865b791d4ecf41f1239081847c75c6fb3e9afd242d3704ad16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 038c1f469deb6932520d09a340856ebc
SHA1 8b361a8c0489b69e9ef4e132e36f20c161c5ec1e
SHA256 5fafae77cfdc093baea4dd31485ced7dc4ab8e734311b3c2aaac1dc2ed95f451
SHA512 fc3123f11323a9f18f5e1bb31c61fa229e0de8b6d07bb01b220605cfd9ba499ed63e76be0b7146e096412cc94486bdba0ee102982b38b258958c6327fc6bb6c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe58968e.TMP

MD5 e4edba9571b826c21cd0a79204faf357
SHA1 9c4bda40f59034f0e382017a7f0ddbbeb7629878
SHA256 49fa8330841e3edba7f87a56b6425921950f63350eef6447be9b5a845e50a680
SHA512 79dd1c0eccf5b1d318c91c7e16f31cf2f253c8094f7a7e280584ec08e154dc7d5f4ff1fcc57d43623fb016e3a61ad29e05df4376a70f46c5c7750782982683d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f4924310f23c92f91b23f404797a627c
SHA1 3b6cedb32e5cee00916cb3621497376723be6d7f
SHA256 0476e872d571c8147d778b0cf9be64fe58344d9d2a8530eb33f92a0265eaab5e
SHA512 11461383746f8e81082b03382631ddf58746cede22edd0baa7dc2ecab4522d7ad59fede9a267cd46124d0c8e3b930b04c65a28da3c0d334958c02acf4145037b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5437e89f4aa707c6a768b71d7c7064cc
SHA1 dbdfcbf9e37dc4acbe43a5497037a974fb812eef
SHA256 3684059c78b8cfd038fe120eeb1f2fc692191d3f89584ba7a2dd1f2f0758a7df
SHA512 458209907b593eb74eb2d19e648f082c1e851530ba6b5fe225d2c46eff5b7ade16ed2770f6d942d63ca7d6f64e2032e9184ebbb39b51ed19d0b5ee58fbb4223b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a1a78aea149a6948ad5e9efeb0003e0f
SHA1 2aae38f705047b10b708e0a17be49f6080a1eca3
SHA256 4c6cf1cfed30fd5057c75c55ed07e8ef9a1671cc5989eb66cf676d06804c4f61
SHA512 a5557be1daa2d436d764e533e240d7d331f68317138f281a75664cf206ae2421574d882463fab171d1ed87e9020597231da6a319b7e887b865f432cc0b99415b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 266314dfd399bc89b0190217c46f33ee
SHA1 23c1934bc340ead887a894365ae782f972939a36
SHA256 4c73cda1a822d252ff0d8b6f868cb3cd0e483d17356bf8189e78a2cd9ab8f949
SHA512 7e7a3e693094407fd2c775fdb53d0d06ffb57504eb0115344f5e5bce53e05c41e472fa413d12ed24c5d68c66bf788b948d877087be3a3fe2604bdfcb2f4e1e79

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 b07f576446fc2d6b9923828d656cadff
SHA1 35b2a39b66c3de60e7ec273bdf5e71a7c1f4b103
SHA256 d261915939a3b9c6e9b877d3a71a3783ed5504d3492ef3f64e0cb508fee59496
SHA512 7358cbb9ddd472a97240bd43e9cc4f659ff0f24bf7c2b39c608f8d4832da001a95e21764160c8c66efd107c55ff1666a48ecc1ad4a0d72f995c0301325e1b1df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

MD5 d9b427d32109a7367b92e57dae471874
SHA1 ce04c8aeb6d89d0961f65b28a6f4a03381fc9c39
SHA256 9b02f8fe6810cacb76fbbcefdb708f590e22b1014dcae2732b43896a7ac060f3
SHA512 dcabc4223745b69039ea6a634b2c5922f0a603e5eeb339f42160adc41c33b74911bb5a3daa169cd01c197aeaca09c5e4a34e759b64f552d15f7a45816105fb07

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 f930621607e050dff86f94bbf4806b73
SHA1 d06bdf16d5794550b78713955629c465b6970676
SHA256 fe97ff9a43f7f196dcd9088da3818e6f80ecdc2ad8937a5bd4a52c8b3979a09e
SHA512 df4c634c95cbc63c44c0f884817333fdb3965d225fbcf008d134a12ea99d05965b043c4f74bbe57f8356fd7f698fde30fe34638387ffcb8ca1226fe7c8b00cb7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002f

MD5 2257803a7e34c3abd90ec6d41fd76a5a
SHA1 f7a32e6635d8513f74bd225f55d867ea56ae4803
SHA256 af23860fb3a448f2cc6107680078402555a345eb45bc5efb750f541fe5d7c174
SHA512 e9f4dc90d0829885f08879e868aa62041150b500f62682fc108da258eee26ad9509dcbf6e8a55f2d0bdba7aa9118dd149a70a7d851820d4ea683db7808c48540

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 aeb44cc25d1ac4deed1b45ff06e35a4a
SHA1 eba3f58e57215fc10663e236d7faa393472f394f
SHA256 e6dd1a08a148c22470a44823410bbf1522968e34e032601355024ea79c2eece3
SHA512 e94330c2101aa9ce976c88c0180e76ef8a72eae605f7373c286b842c744422d0702d2e05da4d65ed7f43f26f6372ffbebeea547d415a36fa1a7fe7a8db7d57bf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d927e858bbea49f5b26532e04e7a63a9
SHA1 a107f658571cce2a65b4446ce10623a22b47e813
SHA256 55a0960ae7a69d475d3c42f84e63eddb6d91f61b1aa746c57b286f2e33cd6fac
SHA512 5e0ba3135b0e9c20c5bf76dc9a159bf1f2941bc0bf88378bb4402a893196c29719cd9d300b1d13980ade3d1963795b59279572df987db8683b277628cff9417b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002e

MD5 c594a826934b9505d591d0f7a7df80b7
SHA1 c04b8637e686f71f3fc46a29a86346ba9b04ae18
SHA256 e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610
SHA512 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 5f376905b89fba42a18a7cab0cffaf72
SHA1 edb797cd3f7c6df109b5b1214d94a0dc24cf78fb
SHA256 2dd560958ed0ad7b72787bafc1bbe41311814c973ed6720076914451f3f76cfb
SHA512 353e1bd34e4bc360f343710fbc34fce9920f1acf38dd78db7b5bbcbd33ae6352a0761c2e0fb75631c140ed8e0c64bdd6add83c11c1f5ea1c409b7f848464bbec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5070bbe5e1a218d7c179001f39d18914
SHA1 9ae1c8a05507e73d92eb704dda85e8ac87c1ebfc
SHA256 094897054f546b378c7efdee6ac0fe2e9157d64635646724cb230036ca891ca1
SHA512 9ad6b622f094aae0a110ccf098c409a65f8234da68f1ff22dd3487ab2606e3ba3e67b267e06410ed05227e6f381e226b3fbace52103256b1a7b9c3f43ca46617

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7dcb89f4000285719b08041d916a2868
SHA1 585e513d03e5d00fc929fe7f03d8d03dc97bef9c
SHA256 1d3477959d221b4acb415fbd01752b235f2b5e616e14ea007d7223deebcbd447
SHA512 16dd17fbd5cffc77bc2478c59213b14ae4fdd1069508b5cc162d49c582224554a2b79826040c8fe732c131786dbc1cd84dafd541f8fe57c96418c2ba88b86618

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000059

MD5 f95a0faf6629fe55dba24478808491ac
SHA1 c91fbfa760c6642f522038a7e90b9445cf8c762f
SHA256 3401a6c618e31c817b75f603ff2ecfd83b8b75e4309aa09007cad5e98878f1f9
SHA512 06f2e5329db17deb104bd106cfc84ea2b321a4ddf64d6d4acf37462cc0d898530b3d913f2c48c7cc29063bb22430e9d12ebd6c9f8e32a2e980cd985a40923673

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000060

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 dc72dcb2fe3105a10a16747da2afdd76
SHA1 6796dc49a18f48074942aa1078b2d5943f7aa54b
SHA256 1cdcbb20fbfe98bf554b854d7272c9e1632c972f38fdfc00ef668b02a202322d
SHA512 3666457e96bac9fe60157b1507e21436529f0144ca2f5be137dca2ce57b33082ad3e29ad02666fd2fe56276fa17af5ec4462699c6f5856296a569f4fcdc4c969

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1052f03920e2f71bd3f71b6db98d9aaf
SHA1 7251c52a61dd440bc110c6d36e6c8f743c25692e
SHA256 2c40428653e9749f7623e2dd4381537ade060544383cb35df2c015ecd77cfb8f
SHA512 23be00ad10adf3b5ede2cac7e5a0acdf458504c002e33d058e7f7f7ad14e84afee059a8574123cd17042fa15fc68e62f6a62b98fa71818d03204d474be31cdea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000058

MD5 2dcf6daedda02abc4cb82b273eed57ab
SHA1 21d8c807d90bdb86de667d101e19741171b6893e
SHA256 11d8e6e41f748b3e303b66c01800fadb11a85a51c84aa62449fabe3a387e4a86
SHA512 c1c6f7bf7560c65402bb85983b6ff021e047d0a0a50b19b61c56598afd65598f3186607ec6d9550f02a83f249b055c08e11d9024a7afd9086c26113bf5bd9507

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005b

MD5 5be3eeb818d73baa3c838ad96c50d2cd
SHA1 76db6f6b25242ce19f3f59f43b9513e952f721c1
SHA256 190d451ad72e3437dedb798b42be04bb445946cc50fe0200f6b2496f402ace71
SHA512 a171bd6946d35cd869f523fc765a8dac32a9acd8d347d1055acf63618de6501481a9eb4b7a4b6538be51a1cc34d427a75357dd8a49303a28d532ebd11db6166a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 2650ff8f1b1c28ad07956246d8cd6f2a
SHA1 978d9b263716ae296962ca5f54a6625826391034
SHA256 5cdbd21027af00603e8444aebf05a532f86122d501a116a90c64ff91c86948f2
SHA512 6ac4247e7dc291a1d4d0434815341348e4c909208b6842f12c105715e29ff9078c3281c346089157d340b04941d8330e3a852895bd062177dd650b82a9b66f97

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e457ba41ad8c51309832ecb9c6081944
SHA1 9665f1314d33176cf337176864db2a12c531fb4e
SHA256 8d4e73b854ce02cc013a5674a6c952fc6023f5b3f1c24678e31fe6098e0d841d
SHA512 02177a9217e68ec1ca57e7ce2fda2bfca74dbc54b4285afa5926a525f071165525f9fb6168e839a48984257f5f4d4bc37f396a069f9cdee03c7786621e10de55

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4c6a6504a2f1675453c67f26e9d9a74a
SHA1 ba060e5012d231f44c41f12790ac0aaa1b47f45f
SHA256 a4dd1a288bf3de98b9b004dd03f1346f80481915e3af8523e5b23ed6bc27d9c6
SHA512 c06c6b42f1508c1350a9936cbfb9d794db96992c989e55e487e66919754a5e8049925f212df07123b7b912ef26de4626ba144f5773a928e6e021980846e399f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fe482503b29d37da981667e8c3c8750d
SHA1 0b0368fd21bc687e78563560573cecd81f57df09
SHA256 2b6a6dd8f17dee6eb163c7af263f8309c20e9c76764fae6a11d886b203bee0a6
SHA512 e45b2321bb85d213e6d44f50db20ae425050e1117928d4c2674889561419977cf22a6abcb6011dd71a41fe1c57646b773e4b030b0ae868648f88e20bdd8ad798

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bb4f450ddb0564302bca7cb8e6e08360
SHA1 a66b96dfe90355d8a7aede61eb0999c0d5d60b31
SHA256 ad7269ef0c65ad8963f4ecfd75a579fe35bd7848a79f3d61d8444198f4ed5121
SHA512 0514bad4922e3d8d2f09d2546f3344a37dafdd0c2ee1c1f28abd86f83a7feb539f1a99cbd2a6f937b3a977a7b2e6fddda0d1c3c2f32517917c1c1965769c4bd3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f0

MD5 8eff0b8045fd1959e117f85654ae7770
SHA1 227fee13ceb7c410b5c0bb8000258b6643cb6255
SHA256 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
SHA512 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000ec

MD5 c03ff64e7985603de96e7f84ec7dd438
SHA1 dfc067c6cb07b81281561fdfe995aca09c18d0e9
SHA256 0db8e9f0a185bd5dd2ec4259db0a0e89363afa953069f5238a0537671de6f526
SHA512 bb0fd94c5a8944a99f792f336bb8a840f23f6f0f1cb9661b156511a9984f0bb6c96baf05b7c1cf0efb83f43a224ecea52740432e3cfc85e0799428765eefb692

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000f1

MD5 115c2d84727b41da5e9b4394887a8c40
SHA1 44f495a7f32620e51acca2e78f7e0615cb305781
SHA256 ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
SHA512 00402945111722b041f317b082b7103bcc470c2112d86847eac44674053fc0642c5df72015dcb57c65c4ffabb7b03ece7e5f889190f09a45cef1f3e35f830f45

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0000e9

MD5 a1afe33ce7442502a96deee597945384
SHA1 fe34cd78635f5617cf238de6dc746058d6f88899
SHA256 f7eeb570c60aff1435db1daf3767c0672634269789870ef91c69b2b90a47edaa
SHA512 f8bca21c3fd79d63c8265f5dfcba95419eac697b42efb600e7c33d15dc5d9c3e0d0d360da39e14004facaea4cff4dcfc00d7437979283ce0a2b06916b69b8c80

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6ef9074dae9cc8fe0ea41fd81d137e66
SHA1 35a934347f9f7745775faca2eb5e24f38d6d58ac
SHA256 219c30fde7d98f746ff0db63604959dc46af28786fdaa69ba778325a822e595f
SHA512 0c6d25dba2b244b4892f04c656973aa031e4e2b3882ec7c91fc0e3d5cd9efa7b546cd6bc2ec82119552b2350f5b1d1320192663d1e46269b4a9856b598cf7768

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fe14b08632a4f1769200dc910c2174e0
SHA1 a57638cbb7b3ce0c743ab6169f31ed129aa28f95
SHA256 90b458ff309b915a6f3e9515feb822cccbfa862bae5e0838f14f1aa4b0903b58
SHA512 501f5b450be9c5183df7bded3ad2cd36960990d9c75e7bb932126720dcb10b305fdf64507bd5e451b89c563117410b7efb7c3912f43629024ea045a861debb61

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 b4950574c9023fbc7d358d0a5df8c421
SHA1 35dc66d6dafdf242eaa630cbe8f8a39572eadbc8
SHA256 f87fa04a5657f1090248aca70c105343f9df851fcf45e731a839c3c452eeccc7
SHA512 a3e4c11be9c234b056624e847c862cfb6e492cc8393e12d97a381f01e939d4682144f9338a2e21141566846e91b9feca1185cb11957d24bfd3522aaf98f88f0e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000149

MD5 e4cc1ece2f2425b10ae2ccc212c1dafc
SHA1 92609e6d0093693110baa23758382889bcb30da6
SHA256 92e9415d8bc8529e2a3f335258ef7ff159cce2965ce3b2b7c15f73720efee809
SHA512 2848dee3a6da891b7044518bc97aeafd340705cebe846350b9a7f314b52450f1eb977b8b492638965ce4674ebaa341e4f832438199c3cad2fb0a0793ef83a619

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00014a

MD5 9708e5224c10eb91f435950128a72070
SHA1 cc66f87dad487f1db80dc78942a7016d26725ae9
SHA256 834c60d1648bb2b2c84ab278eb0690ffdbd6f9dfa393d561eb38aa026dbdef8d
SHA512 8a7a126e028f6def7f03d4fc69831c2bccabebc48b7d97b816eb263a817934b8db1beb9baf1763ec7421640ef594e0a7fb65ef21cbfdadd90c3c88332f4022c5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 c665b49fdf99bddf24b580b0952b7f6a
SHA1 e45ca8bbf3e5cab73029581b1185fd1cb991c37b
SHA256 76b1de6efc8ff3def1b5f4f17fc44dfec4235ac092310e5e67c056f152fdc0ca
SHA512 29eb9818df99bc0d899d89200259ca0ffa114af21f114f6b2f2ce4e61f6b59d3dfe6fc47579e016e7b76894b9cfad999d9097783c36f44b79e1ea31dc5c1cc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2a24c6a28205a5090cdc2b7d5ffbf79e
SHA1 20009b62a0d7fd23b4bba891fc9d69733227fb60
SHA256 47008c5e84a4d4c4c1cdf39d787bdecbaf5cef43fdb18afcd237715db0c4951d
SHA512 d38c8254228b3af66e92db68efbbd5d373fb156cec23998df041162bee036f77d0ea75216017f2269695e295c9b402b53731a9dcce47932ff4aea9e99ffaaa35

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000169

MD5 6b04ab52540bdc8a646d6e42255a6c4b
SHA1 4cdfc59b5b62dafa3b20d23a165716b5218aa646
SHA256 33353d2328ea91f6abf5fb5c5f3899853dcc724a993b9086cab92d880da99f4d
SHA512 4f3b417c77c65936486388b618a7c047c84fb2e2dd8a470f7fe4ffec1ad6699d02fa9c1bbd551414eef0f2e6747a9ee59ca87198b20f9f4a9a01394ae69fa730

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a7b36f65a8613f4b960546ad893720ad
SHA1 afc52ce257086281fce3832612f78354aeee3015
SHA256 f7b611d762868ecc9b35c80bd19640b41a7d2943c678101a9b726a8f8f427f0b
SHA512 1cb1d8a790c451e8ed91f8d643f33ffc25b825e8b861699de8879c5e56680e72e0ea844e1664c725e93e7d411f9df495388c1dc2258cb3856c4faf6a61b31837

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 025945bf2a73bf4e1633c9e5fc03b015
SHA1 bb5d7d664e053714ca702976c67487c8c0fbbd67
SHA256 4fcc372c856e9fcb8edebc8ecd300a3021c76add68eccd23f09d288a7dcfd270
SHA512 0c294927c3e25d21491066d73ae1fc2d9cfc7c97dcb00f5e1b3a8c382be79c05894393c374f1c62178ccb2d58d03275560613ed9ea07bdebaca99b732e942ce1

C:\Users\Admin\Downloads\Unconfirmed 94980.crdownload

MD5 190a4fabf6bd86c27020bc5e3c04cf6b
SHA1 0bc42044ad15daca5ac4514acef3b2b305a3bbd4
SHA256 cc2f88ed47a611a0a3c7b0701d839ca02cb1388a538a44d7ced103204e4eaeed
SHA512 7cc4fbd1216b1a29ddfdde80932ea7175317dd1c56025f2e327c25051c12bc44efde17d17d9ff4803f8cffdd94241109369db31fd7423162d7877eead226fdd4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b3473fc85630da686e7ebc9a3a9ea1f6
SHA1 9dd11e099ff5e75dd1cabbcf9eca65a439baa258
SHA256 793989d3678ec8dce541ff9790a5b0746e1fa8ac9d59d8bb13e38d1d967954fb
SHA512 55a17e350dab75920edb9dd9f4d04f802561e0e3bb693446e300a6aaaf4777a800d9fdf3bb63d26def9fa382ecfbae19b8005b7b8fe5f485b31391c5873d3a56

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 21550d9e1e337185ff6919844db0354d
SHA1 f1fc356e6864b5d52a39f057ee5e04e30cec54b6
SHA256 401a3da7cbc735d61b6a69882c5580912c0f1d6ed69caf8d2e639e87a91227b9
SHA512 8239ec347076ed27888d6e6d2ca666e30ec3bd380b9cd73e19fdbba60772709f6b8aa78a4ef05e4dcee1e9e566dcd3b16157bcac40296bf40a86a71569129cc7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 78c47e347a6d661cec1b283f31a6a668
SHA1 5400d613f8ff8059c0737907d69dd22a050057f4
SHA256 bf42ca636cf6751e2de2ebe8bd7ae5d962d31213fda64f9abd767bfb8208597d
SHA512 bc03be729a76a75a33c0f7cb0f8cb595b32676fead22c23fe8ba4793278566e4a5551936c2832a896c103ae9b8492c25a99db676eab87ee43498e1584b5bff05

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\5a994fe24b451732_0

MD5 c88385b5400da45193d6e9a09535abc8
SHA1 72a870955910a7a658d6c4e87ca79a347f65cfe9
SHA256 9c99910f7e2ce2ff69a7b832f43d3a5096e7bdd427ed0cee956163d1c470bd43
SHA512 f76f6186ed8615dad3fefa5db97bb1bddbea4ed024f7e92d0bd6cb8cc024d1f225212dd9c1269e919067ea377166519bd335f6fc4d30fe35cd96f577015b086e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0bbe00d9bf7b798e_0

MD5 31099737eb4f972c445986a1904287e0
SHA1 f32e65d25a95093e4b7877a758ffc13bab576653
SHA256 49f73bf4d838f47022363229fcfbb6c6cf8478e95b3d37aad0fe40266a1721c0
SHA512 de495a4137ba393975ee4ddb77cfa91a47abc82687734362d71e230e3d719ed428195ee66f89b554444b02f360f43f1c045316facf5e22eee629b7e62ba2d332

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\3f02c4494b1a18ff_0

MD5 cdb6655ed873f7530e5b88d06d998c93
SHA1 2579398e641de055c198dc6fd2cdabb89ad43461
SHA256 8dbfc1df37f632214c88f8603a208629a741ff5fbfad97ae2ea7831a587b169f
SHA512 2cfb3949d7f2c09b2bf29983639a05329d579910617df2641ae42488c94de4dd03e77d803f1cd3caf32d05012f484e127905415887e27e24c9d0788b1d20aeb8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9412c8b664751f90_0

MD5 55c374d11efb7bd8f91993f1bae36c2f
SHA1 d1327b2b870bcef67ce4a36ebbdb29776d66907c
SHA256 6325f424dba53ca71cb0f0696d4b47d316fa4b4510b6dad9ada48c2457778dc1
SHA512 6d5d23edb2c512a8a1b02192dc251a5bece95d1e7895a71aa4649c3aa9e374fe600da89fb7cd6ba8af1ddbe1743caa6c63d79b5e762b6142815f8d187fa1890c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\25c90b4fb1c6ef85_0

MD5 94cb29c7e0aea8755a87371cb26260c4
SHA1 96328d755dd9ce08137583611d113a6c257593a4
SHA256 26f52e54a2f0fa7cae0a771763f6e326f786fcfb9e006b9d4dc05b2a6d836a7f
SHA512 39ce70a8207eade28944d736a49cc8692bf7c581cf21a23b8b677eaa1d23df08327222155e6ba148c2b05a329a0ddde09ff02cf9924d06c8c4c63bdbd0798a9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\53ac5abc87e80789_0

MD5 614972b6eab693444c1bb29a1f0f36f2
SHA1 1e78c2bca355c2c879610b6a95885bb7559c3791
SHA256 24bc0653b7435f0cf8ac7549d188e029de0231481cc2051bda4cc6ee41ab845e
SHA512 75322dcc916e465ee60434de27b265924bae14023295bf535f1f8c9adeecd1b856ec2a22f287dc7dca79c82dcfe312cdae865062ca2a57e8311f103e8465a948

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f89251fac2b69325_0

MD5 ff069a4ca51e81e1921c01c6e995e80b
SHA1 44b4c4b88ac60021317b6fcf6910229fceabdc80
SHA256 437923f14a0a332ac35bf959ff9a75c726042cbe468203427c8403dad277aa81
SHA512 0df5a216c05310fdf2d0c072f742cd86bede15e2977bd970fd667251e4da00b25330632de9e37adeb6a63d2502e6be0f79ac95fe036a1504d10348974c828361

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\83d6d3a772bbc707_0

MD5 71eb102cccc49388ee44378234f1a8dd
SHA1 cd5a2c463c1cef7af771c767714e3d859dc43da0
SHA256 ea25383df6ebf7570571a0a01a46198ea2d5e7cc985bf2747778d77675e7bcc9
SHA512 5118296e79e48104e23b3a3410bd7264e2bd2de67abd09b5d8fd6e3080cd72b0bae7baac7e370c1a1e4111b0be15b8002eb811fa24b226d887253d087e97adbf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d37cb16ef5eb861d_0

MD5 3a62911961cfc3d1b03ed6172cd96d4e
SHA1 e37a93f7d32ae34daddf1690e7f33d18daf53cf8
SHA256 12139253f84ddc26017b12dcb8fd9d2fce046393ca01aa7d5661c32a33d1b5de
SHA512 67ed179e9c6184a59f02beb2d39426a1c567191cdb0473c26770c76838dcd65785550b00525f605b47992d606935c4b471c977d9bd193489c848651fbfa7194c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06450eb6a7b09545_0

MD5 05c2f2298a5f45beb424af8b1702f512
SHA1 4c2fdb53fc2457284eca0031d7084fb8ad1c9397
SHA256 ad7a5b2bde0601a35b6fcd2e5e030f2484f0b5309aa7f6a0e9d06709a0d081e4
SHA512 a5fa4fc9d608811fe2573633755f6dd0da2e634423da5bc2a7d3b2d50638b3a6c26f35a3f1bf1f33e162c17a5b7a0add589642d9280875d645c5a83f7e67ae77

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7bf38fe7bce488733c09dc00fce5a709
SHA1 eaff4a933d79130dd536c13e04556c9484aae4c3
SHA256 9fc0f185f1a258e573b8b37284fc2b18d34de85e81de6d6802c06175756e13e6
SHA512 1acd660fc579494e01fb925bc091c52696cb121c8994baa87c48514fa2da1111b3582b784843151a7b7e1846eadb70383b84e0f62bf8163166372c07576463ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 305adb507509af2a37ba30575c5e82ab
SHA1 4f0c844bd57e61c18a2b4370132353e46f0276cd
SHA256 5c18ecb28b8e0227771ae482a3c4329ac5b1f350d1d8b7f58aa14fb48172b537
SHA512 0a7edb176075e1e6556556b408b898de57e33bec90de9732a20e5bd6f703a9cc31fc4b4bbcea250c9518039a7946725f79cbd7d2c644ae9aabae9e01305eeacf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00017f

MD5 be53227b5880459f9a425e8aca411d82
SHA1 93e6cadf4fe7aacd0e82c15ad64a9cc55e7ddb15
SHA256 81d6840209b4633d6a36bd07df159e6da0fa2f794698a8c1fc5649a11a500539
SHA512 0cabcae5d9b1e186b9560c62e990a8df0133e60795350f03d78a258832800466c9a87e0e78ad9386a6eed6be1218c0bbb67b37cf4a34061145409d2e99818540

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 20b7d42e5c73d22472a47f50dceaa658
SHA1 27909871479f961b93cabebd2801315115e7ab67
SHA256 e21a7581db62731eea736c259040ee9fcc3b8a2a9549a23db342ef7fa937e241
SHA512 f82473c3d495ca9e17c45baddb6ceefaa885fabd651f5d0ff6ecc20e11ddc95cdd7d8ab6f8db1b8ac9d535658cd6a8ddbe5be9ca2f1e936e40e545af3303fab8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9aa39707a6c8f0deacd6525d92592b50
SHA1 3b2eab100ec32bb274611d15f555509224082bdc
SHA256 14518ecb568af7d6d0081d6c7f6fffa5ef73b3e78109e583f3377fe874d1a972
SHA512 2812389764dfe572911bd3cb4c071703489d482ae955e5154ca1e4489270bd902aede24690b47d422d6663a9f4f94f821d21d5d08845a07d400e1b5b775618ac

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 0a086159916f6b987e13c1034ed4a6c4
SHA1 489105744e8d164190840143f7dbcfe9e5509f4d
SHA256 c62ca2d8ad16792c3713375957e049ab7b2ec8371a622ed6c69d561fcad47c3f
SHA512 d7e41d5b8ecaa759cfc11a1feb48fbba109be7a5f1e931d847a87eb450934b54cd3922f7df28c3979e807b857734ae62f1c830c5e0fc95ee0866a0617779c5be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2493a045093e9d63ac27f8d120f3c4b3
SHA1 4656daa49e8f90e49e2fd251db99bb02785d784f
SHA256 27a0741a9923cabf54199573d3816f105dfd8989ecdbbf82eb09dccb80900063
SHA512 8699d3a8e97baa6d0d44dcdd4637f90e0e6b4326693d247b22c9edca1a711a191ab3fe1191f6e5ef1722deb0ecafda649024e5a815cfb92c1077395808b9dcff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 88c37e2088917e137e1d6a1b015528be
SHA1 f336ffeb4f8397ff0e6ab2498b4d7a1bdfef1a54
SHA256 dacf6082a320b609865dd78d5674a9f47eba877ba0ffa9cc0e583b9689eec172
SHA512 0db1866995823f8943d22031f04fb203db17dc96717432844818e9d285d6115abb5cbd8ba0ea841a87e17bea092b8a62561be9ae3525f03c546b84e31bab7d80

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a1aa55848b1eaef6ff520959cb3566c1
SHA1 cbbfdef5abf76d533351567fcfdcc32cd3433629
SHA256 eab6142bd5b4ccb1c84ad6a9573f791641fab0cdc782a942441d8c7a7c9e18f7
SHA512 0929328d2b285df84e724a981cd66cdae5dd38d75b92bf756d670877621d15e2156dc563525ae975eaee670a4434039231f08739571e83719dfbe69df616ac7c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f7829503a14a795dc898ca6af47b8dc1
SHA1 ede73bc390ac406848f5c8c90c2c3fd2ac395895
SHA256 abb8d83b371eec112c275310363df2d799b420b72a3808b2f239837f01c2da08
SHA512 801d395bacc0a39edd4c16df099c8cc81773e748a8e247f24371fe980fc8811eb229249801ad3c726c78edd5e21ff1e620a3e6f2d7586c1cc8e35b1935bf8e55

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 70fca6a009835ef7e11ab9d899d1be65
SHA1 d1cb2ce6ba32ca3e4263f67d48dec8ee70d237cb
SHA256 92cc0f0490f8eff3075a79655f21f829de746423330dd6aa5d07e299637d34ff
SHA512 c30062685d5563caa8297ae724f375a6629d36f721f3e437ae2d5ed86b660ce3135fa23ee027e2c19131d5af48631950cac4f49d473d2919c4d6110ba9da30b9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 291f9dcbd79e9cb155de2fd0fb685cde
SHA1 63e1fea99b4cc34cdaa3bbd40bcd9a636d28aeef
SHA256 5c5fadfe9e7fce7c8b7aa7090e212391a47f3f12a3c4516b630266c7a8c9b7d1
SHA512 df88011b35f4d973116cb5ad4abcddd5049074c57f433b1d784560ea0a3c7cc1ed7a76972e96b44e8e828c579c8dff3140917e17169e8d8b4f8ac3f10e971bf3

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 96a5cac1e2901af5a8610953d750b074
SHA1 0ce6cfacf281ef669b1fe3cc856556fa86701727
SHA256 b81ed423a1e9991b07dfe030c1d8198be60bd27ccae1a1c776837175261f90c8
SHA512 50d6908b1eab5769ee3bd592273e33dad5db08f7e1a69eea3b3735c748bab05dc2296ddc0621aaa4b7656eb0551a856d3a38806a4ad460d8342cf6b4ce58e2d8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 495ea11a9ce7c02ad727a649c0428117
SHA1 76c8a9594d4f4b09c3927b86e89a8ee7db8ad082
SHA256 0e5c08a92e758de4129940e15799bc452c2f775278c3666127e3d8ac89c90397
SHA512 eb3c9e6b652b0af6c06498f2b507229c7c23ab646817d0e4782cbb453334de720228f967882e0eb341d3d4811839d8cc7b7d57d3bf5162879e6ca5140db23a16

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 032893aafcfbe36ce0b3f1e5f5f455c1
SHA1 544444f3d116ff9047a9d2f27ab24d2554898369
SHA256 d70b886f8cb14562eebac21f2fb2cfc476864ade5e974f1734c3d55dddba68cd
SHA512 2ac6848f2194161707e4d931500d80c68ed7b8843d78ab9d10df9f75d1b1bd0458947458105cee2dcee2a7a0ac3d79785146b55d3f899dad6fe3e17426a058db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 18444776b79adef9a5bc6fea0547fa14
SHA1 dafaf237401daf5a96d0456b0f12029870c0d1ab
SHA256 e373b72dd66a3a883e3e43e3b4c13bd19ffc05551984f8a599c5121bf9ff7e53
SHA512 b20a874d236510ff63623a477f89944c0f0cf7079af146825109cb41d30f1e58ac25aa44d9ce369f617743ea552804505a2ae812a9ab10fcc136348206ba4fe2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a8ac2e058172e5f3fc3bb054a7f720b0
SHA1 78b3cb312db7fd7d8cce4e4feb044a9879629ed7
SHA256 ceff3e40a4d0256d02a02fa8ea5bf49cfa27b62c0c26d20b5ca5978436afcdfa
SHA512 789628e94cc5b5e8ec227e4c48981f82ee1c405ce17d92be74860075b0f4d946bc77d24e3576d12c1e4577ab6cca60a138bcee6702d698a940f804e124dd2441

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 983f37bd49bfe3dc4ccdca251d300e1c
SHA1 3315de4bace89dea8580fa166ed3c4ac2038b9ab
SHA256 eb3e386451ec7c68a2ab7a4325be6e0b042e9b1c4f6618213cf4f432414291c4
SHA512 e4f39db10b3d5ac96b463d94173bca08a8b9b33c1f0ad79fdeb4f64ae303c40462387776411539538fcf197a53ba06a3083f490f77003a38fc1f8918b3a00b37

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

MD5 a73ea6e1db27acedbe4055c448f82ef7
SHA1 01769a266d26c4b4b374099606e86b8874ddd55f
SHA256 c3059c62596021e555ec7901361fcde75078ad931bcac6027539930bef8b77d9
SHA512 f9cfe99077e40ac3ff11ab39020d6e159ec06cf50f9b1d156858198d48851d29de8882a18609a17dd30ddea421c6c415683b8d7b14fa30a51ddd1cd76032deb4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 070e720b8373ab2bfa884c3706891ec9
SHA1 28847c70164a0ff944fa2fb7c458fce539aae11c
SHA256 9e4ea15b89db6f70b15c3430d867295b1eab7a5f6e59ed6d7d7c1eb05479b15a
SHA512 90c976bab76b8a0fcf9d34e3a657796263d6e2641e3c66ae9f2dff966de69bdf54a5ab9ea423442ce959c86a56c45d4a28bb67cc11d2a6be613040da9c06e14b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 b9307834b3d40228644c815bb7b3c7ee
SHA1 94347afbc8020691d36ca556463fedd616b20573
SHA256 b8b7c13398320b05beaf46898701de4a246dd8e44f6319fd4c6163a0af6c6dc7
SHA512 469330fd763e86ee0d06c432b087a43db4a4c214f6e61cf9afb9a22def8487cb97b82f9f3e8be8dfe44f357d3482f4f43c9e7851512c82f376af3aafc436c03a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 4e8f9871f53f88ad0bd3bde50e04908d
SHA1 2f44878baebaed222d756d926ef6277003d372a1
SHA256 ffc4b429bf7f60666fab2ce000be24a53f04361d32e5495665eb17431ebe3e58
SHA512 61c308a7db943bfcd18325665aee71889757c044bf28010fc21c6aee3f3720837a78341866d2d5781d85ce5546efb6116a16befbeb2dec650350fb38520247ea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b802fbee86228654addd7dfa50f7cddd
SHA1 d1e125e5ac124cb4b14f82bb4bef2075c33b444c
SHA256 8d0df26c5b2eb22a76a98f8cc5c4f5723ae4b37742f672ad07f987547c09e033
SHA512 598180df5088e3d1b1018603c069abaa930d25d305014d9d95d1a48edcd3931972d0a7e474b21a3b52cc36f5373e9cb987cc68eed8300832c20def43b18dbf22

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f99f935f4f99bd3bcf0ba5a697184a67
SHA1 1f22d2f2ea4c65ee2d56ffbd9cfc9af7e7149e75
SHA256 ba2591d66d4ee70b16d9d136ea18cb746db80c9c808ec50792d445f442efdbda
SHA512 cbe55107921bf3e777292f4015b9388d5c3f562521ab41ec9b02b20b3ad6b270bee9eb70d4c4602091dcb045c1d739aac6350c74455c66f6eb95a9dcc3ef1cd6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 910736797518689d7f719fdd3f0c697f
SHA1 5b6f65ff304efafdd15c20da0c7a428cc6bdb8b6
SHA256 55b9c65211e817c787b4cb22d914c5f47259a57d0c159b245c7b89b1b72718b7
SHA512 d9d62e5cfdc36dc1b996d7041a84e122be057b8f6c07dd8bd546575e8ca76555c93853eb52dbd10bfafc9a64a42ad1ba85ce0a759bb34d4694209a0a348fa88e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 756c090f078d769510e3e9f3f86d2fa6
SHA1 a8c9537b5dd9fac75dd2d1e661abfd1e76642ee3
SHA256 14b9195babbe65f4455c1669019a6a499bec499c3bb6d53f8ea2056c57f627eb
SHA512 e3e9a93cbc02993036934446bb2c0676b56de107da1ebf8d10bcde1d44132f530d69785e6f132f27270edac733f015ff63673eba463bde520e7a15609fe38980

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 7d4696341f9ee680ca5d5ae951c188d3
SHA1 d37b092c1ae3b22d21f9b20565fdf3c71e6d7b05
SHA256 0e6e72192669c4a982638d950c6bca4d91baf1d8bf5ed6b2539f80552555bba2
SHA512 f7d989e35d46375c468768adf09d2d03052faf2631813bad7e4f1207243aaab25bdf6cf075e0ca67c5992841adb73c1d3c167d06f58868e52b2c95ee44db2005

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00019f

MD5 2e38e19d308170fee992d413f28a67d3
SHA1 b6994c9faf2a932bbd9e8492c22d95784262d30d
SHA256 8f13f722d8ba8ad453e296c29fdadfa2c0ad2a67fdf83dd4c17f90ae94d831b7
SHA512 5a27b85a09f2656829c07413ed022e695fdeb43588bec89991cff44aa6606da4903fe2250079776406371c7498f7c5c8622fd5d8d4dda96190e30a1677128dff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e2fcbe28a01771b0dce620df3aa977ab
SHA1 78a3ebe58c82dad341d71431434caf791a51c74f
SHA256 268469d3b7fab46175a352feba9a580651647c2802009dcb4fc5cb7e4438fd65
SHA512 e9a2bf1c20853745a0582db57f20ac92e9f3e3c8e1ef986fdfecb6386c9428cecaf191b057ee3a240dda188b941e8e4763f698aaa1f23a7b22c1e59901c231ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001b5

MD5 1d8b274c7cbd36df70e46622bcc0b8c7
SHA1 caecdfd749b651f81279c7a67b6867a296cb71ea
SHA256 3b1dcd1bc72d9ed17e4f6775522df4f88347bc5860d0a153e05bef611f20cf3a
SHA512 15ac5b7991b3f74914c3df600f1cee393320d4fdd77f4097c7c77380e5b609688fad2dc8a4cc2fde7fdfba4a204c043ad18024a6c23a7107e9a7433e20ec50bd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 257c8fe7ed6668e608f594a2dd5fe44c
SHA1 2fac339b90ec53010c873203fe0952522d8fecb7
SHA256 b0d1bc3cfdc17d5fc5efba5805b893f8397071eb3ccd364a63ad1478a732be05
SHA512 7cb5c3da7239262cb25050b3ae732732bba802b1ba50aab4b79f68e8e182d3172ff81ebdfc1340bda93f962ffce0159b09a1c7af77af678ba539fb5dc9c349d5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 f93cd5aea03573ae3493d3c4e4ff174e
SHA1 47be1a26dfa959ca3e17e5b1deaccc382f969789
SHA256 d703d0c0a10876da975f8e38fb7a25e5f525fa28117b7d3389cd45d43bb36cfe
SHA512 08d180c6ec6806a5ad975e9aa976c128f5efd0939d902a1d5bff3c2a431f5376af245762dbc4388454da94b9da103af6cec786a3a18a8681f45c32da2e949ce3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b69b35cf93f579747157420fdb6e69b33a13cb7\index.txt

MD5 1d7c2c8ef09bea53f7a6baf9f6d3ce67
SHA1 bcf2d8ca47c9d48ced93fc17f2d8c49cc9fc8a3a
SHA256 0849ac0d7d449ed1c6ebecfc487c7307d17335f286fd02b60e12e27ea3b34897
SHA512 c180d8031d700fd961d61f1a212554b34be44954d9c5a19e1e67f895733db2b6f6e86a4d8020db43bc8b1ad7fc2fd200a651382b5d519759370f1ea0e2baaf2a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001af

MD5 021feab5ce772790410284fbecc609d5
SHA1 4086f53b98d49c0d51b2869b4294f638f579c040
SHA256 b4b5b19bcd076a67164666744070ae32edcb3acd47aad1dfe4778fbd50f1b31c
SHA512 2c249ba164466f556975698bf16793df895afc84c6b962bda9727d60e84936c53ef178da75d684299e348bf9cc4527075334d7eeb9d31972cb6f274fa873b146

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001b0

MD5 29c16791f744d26b7ec8f82c415eda56
SHA1 fec5cd28f3bb145eec649510ef3fb9cc70ba734d
SHA256 310d7f39beaffe414d5259de2273fca7bcb4c588fb668893ab3bca1d976e563e
SHA512 b7076d414f6c2102b9729c31aa9866e289640d6cfae3daadfb7b85bf640acde170067f37d3db20885811650e7b2767ebd977e17f587e6ece5078281bd596c8f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9ba8ac573febd780_0

MD5 59a4a546a3a5f38ac965ab75279178b9
SHA1 5207898bc3d30c003fe3aa51ec8e4ca1484dc1a2
SHA256 bffdf396e75549d87b07d1c7c716d2acd74650dc027cd496956f1fa26bfcd0e7
SHA512 5bcc8aefa71be4225c73a27ba48871d3a71c6681d1d33a2587f0d82ae3d8bf400ba2a35c9535abdba11d5b288268e7fa227f1b1f8bf91448e93c09989fcf589b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\10693df979f8212a_0

MD5 97c39230d89230648788b339e89ac86e
SHA1 21a89584138078e8283d1ccf108b51a5781d823e
SHA256 9b99d5ce5bff278cef0740b868e392e240b4d8812bdb7ccf49c42f704eb1ff16
SHA512 9511cd348004c71217a6678c1ad38254572060008f80c61f6b4935e953fadf92a9151236c6c160d6a95f6b3615e70cd9de0d8d0aa39b7d7e544ca9fd46db6c0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\9433703e13414d23_0

MD5 bc532141548df0de34392afed2b8f208
SHA1 16762f4be3006ab0baac53e827e9049c186705dd
SHA256 908f21c46cf88e41b38867d7bc62a1b488e7c6d1dce2f45737d7e07505acabfb
SHA512 a3a1f3dad61d90456e9e86e17a4af06cfae3a92879d1d4152655b0c9c465df82017083251a89d5439188d1807e302daa6543ef8c8a6c6ddf5568008c0a49291d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\daf9b9d1ea79748d_0

MD5 662a0620d42f99b97d0697f15f126ceb
SHA1 07aab1ba3111e9cd28106c7eec85c1bb599c198d
SHA256 5e2d034aa882d867f6b1b9e1fa3ba2a32ddbfd34a19d280a0b269a19eee50107
SHA512 2e4a71c574d53a71309a4f96652504bb80f6467d9b21280be203293fba706cad22923c1915a4d5e3f2c848a1a3443408544906b233eef522a2912e09f7260b7f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\94b26deddf5c7ceb_0

MD5 faf458050c9500c7f15f629c91aa50a3
SHA1 a07b86fa64e064e58a1b37a9376ea769d1903133
SHA256 78b385ceec54629d3fe7ade3b99835360f693f5c72d629b5203f34ad64240280
SHA512 74eeac3d1864130997eb52f54237a514f7d51997d0717b811779e070e4f16408c36ceb352fdfca46df5d366a7cba7264c7a636c026df9415ea115c254ea218cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001d5

MD5 1aca735014a6bb648f468ee476680d5b
SHA1 6d28e3ae6e42784769199948211e3aa0806fa62c
SHA256 e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
SHA512 808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 15007aef33b360f61b1b0998658bcc92
SHA1 19b26488cc52977b16e9165a14b342555b793ae0
SHA256 c2eabfdb69ede6f73489040cace718135a59fb25c6b225b0ac6902ec766e67ab
SHA512 8976ffc185e7b4c2b1381f0703d1d6c5f9bcc170c1c05867cf108da189c45cf09a69995f861766db6fa74dfab106e4459bb39680643ccef6a2fbe9154cb415ba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5e9076.TMP

MD5 0830cbdbe972d37f69df562cd03f7469
SHA1 346d657d151ff6a0ee1b7edebc5c147c2fe8ac48
SHA256 75911a66fbb6b2b6e988bed25cc3c00a43b898c8835c4fc82c258213bd69d317
SHA512 e85fe04fcb17eb04d55d7d3150833df4801e3f2f157a8d0b5a781f525387862d85a12d62d5fc780f095114b4fd09dad291bc7ab579b720507a4bcb301bef3484

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 fb98c8b2794a83b39768301e049265e6
SHA1 76c237dd85d832a5c97f69ea358ca3b49e5e9770
SHA256 bc1239a7588261ef7fc3abc5be590220e5a7cc4db3df02f9d401f92aceabe163
SHA512 5a1f9615ac6318c3c8481b52e4b2186a722749e8abf3a8735703cff5f5cc0af4dd235d702cb25ccdc66e559ca32e502e75841d1c400f2773bf276e19ff196865

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b69b35cf93f579747157420fdb6e69b33a13cb7\63cbe531-4740-43a9-bf18-c0d3d24c0696\index-dir\the-real-index~RFe5e91be.TMP

MD5 8054364cd9e47ea8aaf0776f69004438
SHA1 2d47e5b982f587e367dad0b031d2d6a77d9c51fb
SHA256 d4bfc82103b0dbf787faa40e4aac7b0b7ad610f19525aab894c36bae53873f77
SHA512 89d476ce1d25f34221d892a05a180265b3d6f07bcf4ba1d859964a8a4a4badc6e634b8366284ebb3b467ac98070f16e3aed8366942e657b62466cc9ea532cd22

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b69b35cf93f579747157420fdb6e69b33a13cb7\63cbe531-4740-43a9-bf18-c0d3d24c0696\index-dir\the-real-index

MD5 cccb69d6c88b357c7ed1d55aa588e948
SHA1 db1ed5f56dea03b4b0e0f31cb227c7f28fe05ccb
SHA256 36dd104939ec70f46a91390556e108265753d0e2a99ae4cbf5f153c3e0f4c42a
SHA512 6736abc3830d60efc6e988547c65695ad91990c3b7b6c8409db2056995745efca36ee6ffa6ac51bd9a9c23ec95b233a6b478648e25ca9c28d32ea9aec3dd4d42

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\3b69b35cf93f579747157420fdb6e69b33a13cb7\index.txt

MD5 bfe5419b5456afbfe80c764d42b6a6a5
SHA1 71eb929c0aec1126291515b674f5823f0fc6b2c2
SHA256 e74c3c636591fd967bab938a85950c5292bfdefac356fc8c79ec432e84c23a0b
SHA512 ba2d4215d65f29fae919049f7755b8b186ff43017f0a8526e12ac780a48fa72bb81ff9aeef78e4983b121cc6dda3186d5fa58012ba11bd445470382e588ab0d1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6a1aee553cc373b8d27cb43f35630151
SHA1 e9c6d51fa11b8d18d0c560795812c5eecc1eec46
SHA256 1908a580da03805bd4412de4e497fcddb109595eac6c7a8dc3dda4c076624478
SHA512 11e8dc4283e18a8e2e61a25cf1034f7d254cf6ac39c3f4d1f93357af088eee00ac02f089ac5ca34fccc9e8751a3339527e148a6a2cb5934372c9f644f817cc03

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 e9a636a1aafb824203d58a46b49b08aa
SHA1 01fed733f7c5214f6f3429c7082f54f985ae61b7
SHA256 0dcf55f6d805b4f74024b70d338b78b9f49a4f6bac32f5286c35ad8b60f189d3
SHA512 20e7fd0cf6a224ec5f06b4371c68930ad098f158285f8365527080deedaa86b71fe37a415569edaa5757d2a59e7fa81688a5c40b7a22d9037b115d59d8e93c9d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 f1315397c959967d23ff52756c10a647
SHA1 19cfef0d54c7753e96f98de9e7cac0fca1455eaf
SHA256 73839c42469ac352fa37f4c03cc140c225a50ca09e3df6e3b335b06b8d9e308a
SHA512 03030b4a3adbd2b0f08f4eb123a557946ffdc32860bd49b445f499e6ca7a53ff5d4094a8586ddb46077ae4fea6dcce0ff2c6956a72880e383504e8c35190c900

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 4cc913decf2dbcd019c3616f6df8afa5
SHA1 2f7a91b1ca1eeeaf616e40b8cc2e67dab0ac4b78
SHA256 3033ad700dd0cc69bf673454757dc0ff51ea980cef905b011f61f84c303f8cab
SHA512 8ae6428442ea781f70b49b48b95ef8183205fded7a95e57f7cbc6191397c263bf46f7cfc45652b4fae6041e21843a33fd4aff6688753fceef495b88c5e284315

C:\Users\Admin\AppData\Local\Temp\nsiB209.tmp\inetc.dll

MD5 a35cdc9cf1d17216c0ab8c5282488ead
SHA1 ed8e8091a924343ad8791d85e2733c14839f0d36
SHA256 a793929232afb78b1c5b2f45d82094098bcf01523159fad1032147d8d5f9c4df
SHA512 0f15b00d0bf2aabd194302e599d69962147b4b3ef99e5a5f8d5797a7a56fd75dd9db0a667cfba9c758e6f0dab9ced126a9b43948935fe37fc31d96278a842bdf

C:\Users\Admin\AppData\Local\Temp\nsiB209.tmp\System.dll

MD5 cff85c549d536f651d4fb8387f1976f2
SHA1 d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
SHA256 8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
SHA512 531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

C:\Users\Admin\AppData\Local\Temp\nsiB209.tmp\nsJSON.dll

MD5 f4d89d9a2a3e2f164aea3e93864905c9
SHA1 4d4e05ee5e4e77a0631a3dd064c171ba2e227d4a
SHA256 64b3efdf3de54e338d4db96b549a7bdb7237bb88a82a0a63aef570327a78a6fb
SHA512 dbda3fe7ca22c23d2d0f2a5d9d415a96112e2965081582c7a42c139a55c5d861a27f0bd919504de4f82c59cf7d1b97f95ed5a55e87d574635afdb7eb2d8cadf2

C:\Users\Admin\AppData\Local\Temp\nsiB209.tmp\nsDialogs.dll

MD5 6c3f8c94d0727894d706940a8a980543
SHA1 0d1bcad901be377f38d579aafc0c41c0ef8dcefd
SHA256 56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2
SHA512 2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9a936938af551465f496f9b89748f9b0
SHA1 8f46ec2d682de781c3d93568a52ef52a3e06773e
SHA256 5c109065317450d72b86a961c7aef1da07258bab78976190c1d18f1183e10663
SHA512 4e3b179cae4e932f99937f5b710c61ed092471f99629439bca489d2213ac3178e21d3225c050285041f50015cbd62121fae44bba31e7c857a26bb7e70ce75572

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 9e25d33c3d103bc56953a620ea26e486
SHA1 500f02268ef0c28ae422d44f2462a3fa2953e907
SHA256 44ce3ef5e773e714de37406f329dc5f58e6853e712d484f8358974d8f87dc1f9
SHA512 7055b5a698c4a12ed5ad0b8a1472b4e889bdb4fec8b895cae035af9b0515260d4ee3b92b4e6ff57a633fc5b430cc7fe6c6cb0ac3aab995677df041a00583817b

C:\Users\Admin\PCAppStore\nwjs\locales\bg.pak.info

MD5 82d7ab0ff6c34db264fd6778818f42b1
SHA1 eb508bd01721ba67f7daad55ba8e7acdb0a096eb
SHA256 e84331e84cd61d8bdacc574d5186fb259c00467513aa3f2090406330f68a45db
SHA512 176458b03cc2b2d3711965cd277531e002ae55d284b6c9178d2353e268f882430235468e5a1e9e45c8427864d109cf30a024a993b4763a75fa2744f6e0a6ae2a

C:\Users\Admin\AppData\Local\Temp\nsgED3E.tmp\Math.dll

MD5 85428cf1f140e5023f4c9d179b704702
SHA1 1b51213ddbaedfffb7e7f098f172f1d4e5c9efba
SHA256 8d9a23dd2004b68c0d2e64e6c6ad330d0c648bffe2b9f619a1e9760ef978207a
SHA512 dfe7f9f3030485caf30ec631424120030c3985df778993342a371bf1724fa84aa885b4e466c6f6b356d99cc24e564b9c702c7bcdd33052172e0794c2fdecce59

C:\Users\Admin\AppData\Local\pc_app_store\User Data\ShaderCache\data_1

MD5 d0d388f3865d0523e451d6ba0be34cc4
SHA1 8571c6a52aacc2747c048e3419e5657b74612995
SHA256 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b
SHA512 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\9eca2450-d4bb-4a98-8a43-43602bf4eba6.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Sync Data\LevelDB\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Shared Dictionary\cache\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\pc_app_store\User Data\GraphiteDawnCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\pc_app_store\User Data\GraphiteDawnCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\pc_app_store\User Data\GraphiteDawnCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\6e051011-9dbc-4855-ac6f-a894855a9d7d.tmp

MD5 728fe78292f104659fea5fc90570cc75
SHA1 11b623f76f31ec773b79cdb74869acb08c4052cb
SHA256 d98e226bea7a9c56bfdfab3c484a8e6a0fb173519c43216d3a1115415b166d20
SHA512 91e81b91b29d613fdde24b010b1724be74f3bae1d2fb4faa2c015178248ed6a0405e2b222f4a557a6b895663c159f0bf0dc6d64d21259299e36f53d95d7067aa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 94b6bdc3ed5b5c0a9b9fd9e1027eb553
SHA1 99b304dad432b4310d3b6a7528d96db9b731fa51
SHA256 0e03bc23ade3989da2d13f6848d3efa0d77c99cf892965dafe46656ae7988400
SHA512 71ad5c1f3c004777e395177f59ad79b2e7f45d87f07ffb2f0a90f91849e74a833e8151a9d0cd79604d588a4b842af09f317347f6b8348c02e236373dcd155b1b

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Web Applications\_nwjs_pcapp.store\pc_app_store.ico.md5

MD5 03e9f614a008075733c76883156b568b
SHA1 5f9cb1b06928487c4b836e9dedc688e8a9650b0b
SHA256 b1a6a6fb45ad1e13054c40dc7c09e3098ee830bcf1ebaec27f640ae4c64b8416
SHA512 7e6969c8908a6bf57bd2cb4457a7c78360468383acee589278e49829617e2f3b872dd8213e57a2ed8f512d444c67a2e619deabdc1394d1c39c7759ed3c744f94

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Cache\Cache_Data\f_000002

MD5 8e433c0592f77beb6dc527d7b90be120
SHA1 d7402416753ae1bb4cbd4b10d33a0c10517838bd
SHA256 f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
SHA512 5e90f48b923bb95aeb49691d03dade8825c119b2fa28977ea170c41548900f4e0165e2869f97c7a9380d7ff8ff331a1da855500e5f7b0dfd2b9abd77a386bbf3

C:\Users\Admin\PCAppStore\download\SetupEngine.exe

MD5 3af0c31420d331d34320212a95f4015a
SHA1 334ee9d0574fcc1e6ea93b6573600a1202eb7577
SHA256 f504f1cda90e467dcd93c10585895a074f3cbdff2b278fa49cf487b32a51f811
SHA512 6345ce334e6ed06e24a2bb561650a9fc28b2dfd0aee424e680b4d57fa6a7c7d14ca6b10a1ff03ec041f81257c1aaab27e3bb41be1e662efd9774e5b711cc98b6

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Local State

MD5 97daa395696066be93ecc3d692ea2b52
SHA1 65bc882dc23779a7c2a4ec865b04e1e152488f29
SHA256 7ab6d6f280f66e724defe4d38053d4e3817c96db3f6312ea0b12d2d296206fb5
SHA512 6db31473de086fc186eb650cdedbf8aca56445101f51fea4ea8968d3d772d7c9f2543b0a703d28655f7ae6ef54c1413d59875bf25452b3db4021b520172e23bb

C:\Users\Admin\AppData\Local\Temp\nss309F.tmp\modern-wizard.bmp

MD5 cbe40fd2b1ec96daedc65da172d90022
SHA1 366c216220aa4329dff6c485fd0e9b0f4f0a7944
SHA256 3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2
SHA512 62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Local State~RFe5f3d31.TMP

MD5 7fcac79beff83ec2216079e7eb770ccc
SHA1 a94b32a301c9f674bdcef847e5512a163d956821
SHA256 326719cdbc8514f591104e51ace5ea10a491e959e43193a4cf2adf8457120fe4
SHA512 2982fe8b1841ba3219438f6d372ed85d56f02e1c7828041a548ceacea6f8fd358c0c75c39ea57734e85ee0aa2dcf79398c63366c584e999fb53d48210db91033

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5bdd85b8bf2c79d729c8e532740821a7
SHA1 8cce457d682db7080e721a677a8b609206548196
SHA256 a4ce534424d90703b90ce3b502dfea72acafcf34a423a0db63b7267ff56be761
SHA512 421a0d8fdf251223a4ed2e925067c57fbe469ea19a3c3fa8b4e5fb5f3e83f3486ec920ecc4058231122a5b1e12a2bad891148b7c497547879c9fb03074f1aa66

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 2115a685e0170412305aec7be11253ee
SHA1 3b33220ddae2fbe46ceeefb2d427d2931f99cd35
SHA256 18d30e2f7a27943c7c80acd7ba133ea7e7235e5b0d61b8a7eec6fa62431380b6
SHA512 5fd5f331dafedf3e4750c65a9e282e81eec9b2c853a1c4946c19912f4a85f7e3e521885d64d5f3b6dd35dd8291722a7ef562e6ab249e62f2bc3a1215e20a29e5

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences~RFe5f6858.TMP

MD5 c7169614aac7bd1226e5d243297cee87
SHA1 9801f9c5c413d096819e09ba7c7db9bb697d70ac
SHA256 e1790305d559ab00237500155ab0d212cfb5370c6e50935e0f257582953ecbcc
SHA512 83ec2e2d9343e873cdbf8db465ac97a0cdf3016459a87f83c9823b9f538102e3c5ee51a7d394132ec4e6100b15e85fab362273d8860bddc8a917dae9ce8ede05

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Code Cache\js\index-dir\the-real-index~RFe5f6fca.TMP

MD5 d50cf33407d93be2d342d94a6c0fbe9a
SHA1 99f26b159df651566ac176e5ecc75b6e1a982f38
SHA256 71634110828c1fbcc4b7c7f884f2e690385ca9732e51cb1487cc103ee10624de
SHA512 f9df7cbcdffe9a8f80646ceb7bb544c0ee879394eab4af87ec82ef98c9ed56a1e9aeb1986335972275bdabada9c46f567dd58aecef1ef66947cdb3a166979c2a

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f24c0be448398e39e29d7bea3246b2fd
SHA1 2462e0b10f2bc1abdeb764e111e608d16fc98c3a
SHA256 0d4b327a868c1097f8ab701d761562aa26b010ccefb24cc7229ebabcac49e5df
SHA512 fea7732aa4135ec0bb2ae0a6d97e9973f06c9f8a18a5d99ff754511ce9ab706c973e509e7466d02066dc699ff1d5e0f5865e21b1a9c601f11ce908205fe5282b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e6a9b0e83c77b38a28ea595370a65d7d
SHA1 988fd4249dd1df48582422a336be5c38f64912c0
SHA256 2f1ffaf6901998076d5147c07a9395070055917cbc4ef74e8a69da16e9715fc6
SHA512 8c7d775142e1bd4c873cde09634e992ca2ced12e0f0d912b17a04adafe8bcb2cfd261cc422d8ed82e7bf6e705cd286ffe4d9a2591e5d165bdfb57a3638a4b8e4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 2d3db5e6416e09e40d5d5438ff84cd1d
SHA1 7c1b1d0e5ebde678cbfca4cff1dd206fda3a6b3e
SHA256 b3bd51436c17f2dd9d3b54b4e86c542520bf875549838ebecc78aa0e03ddb45e
SHA512 12f673df66b6bb4a387f955df008417d45c6bee1493f01893e4a5d40bdd9b578f295fc1b3f63d09b5c8bf582611f1065f1c8c7981a47022a212df9b4de477f7e

C:\Users\Admin\AppData\Local\Temp\nss309F.tmp\Banner.dll

MD5 a1b9bdee9fc87d11676605bd79037646
SHA1 8d6879f63048eb93b9657d0b78f534869d1fff64
SHA256 39e3108e0a4ccfb9fe4d8caf4fb40baa39bdd797f3a4c1fa886086226e00f465
SHA512 cd65d18eca885807c7c810286cebef75555d13889a4847bb30dc1a08d8948893899cc411728097641a8c07a8dcc59e1c1efa0e860e93dada871d5b7acc61b1e5

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 f05d69ff839688b3f61fef0b105eb23e
SHA1 5d43a09bce100ece287de7a76467b7eea0f721b0
SHA256 56d5fde9d8cfddb7fb8e00a71878ef3adee9fb7f4c3d1cf07d0ef00894d563bc
SHA512 3db18bce88d0ace5a132f3f8acfd56c15158d8f3275b46a32e61bbda2f7e63a35f7bf0667eadbf3654f693a16410b9ebc51fb2995d97957896ac285e31870a99

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 521a18fa8c176f292f69ae8190f7b740
SHA1 864f55b3fab78346aa4d5fa21f63f997073a2780
SHA256 3f5400835d174d8c89ebe95cd6359b15911f2c3e85d2977bdef67f072f6405ed
SHA512 a6655f06199d0f17eb61a0b0f13b022973f5cc85e12c33ab807a55e73e4d3225e0c080f0ab8de912a99b9d56f0b13795efee04d14742d3d02dfd6fb9b77d9630

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 5daf8adc0428a31faca7927c3d95e0e3
SHA1 f73dbdbbbdddb418da7e42382b6cb46b110c8b12
SHA256 ce80d07cc9b4c958b9c6befd9c2b930556d220b6446cfb838aeb7104a8759a9f
SHA512 2c44c96c684de84268a429492c4b2eefcf8cbf5f1634866092cf9de3e283ee1cc94259abe24a7a09e71f3ea9b325385ea115ac1b0815312c7f5c6f82dbd389cf

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 e4a3ee404e541ec43e8baee8b094cc49
SHA1 b6e2e0e1929b9c421de00dc66ce5e6a7b2cd3217
SHA256 a57942389b30f6304c71ea5e3c01234bf879bb20ed8bdb170bf45cb89d935ead
SHA512 8dbdbcf9cff77000a2d466c114bb1f8198c4f1dcec8c8d289042e95b27c02d9218e8c62190713786a3bd2f10a57ed8e09e9761b5815188649b169a8ec30cfd6f

memory/3248-5042-0x0000000003460000-0x000000000357C000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\nso7E33.tmp\SimpleSC.dll

MD5 7b89329c6d8693fb2f6a4330100490a0
SHA1 851b605cdc1c390c4244db56659b6b9aa8abd22c
SHA256 1620cdf739f459d1d83411f93648f29dcf947a910cc761e85ac79a69639d127d
SHA512 ac07972987ee610a677ea049a8ec521a720f7352d8b93411a95fd4b35ec29bfd1d6ccf55b48f32cc84c3dceef05855f723a88708eb4cf23caec77e7f6596786a

C:\Program Files (x86)\Fast!\uninstaller.exe

MD5 b3ab9bf4405ed41cab0ba2ec514ba517
SHA1 f801e7df5f122ac2d27b3b88f06cbc91bb416757
SHA256 03baf3b060fe592807a01f1a763b0da9f686dbe0ccaedaf2eda1949fbed8e184
SHA512 8499a609019970ad23ad5b5a8daf9b9f19e965470dc6942a90fa6bffaa47adcf81a34999424264843fd11a72ce68a6e89397ed329142a66519efb61af632f535

C:\Program Files (x86)\Fast!\fast!.exe

MD5 3b3ead51d26a7c68cfdab0ee1ed8e41e
SHA1 9bcbeb1605b56adbab57987e5d8fb65716e7fe39
SHA256 ffc8981d33ad515e5fd36258e54e07cfed91bed6b38fb131d3d4b64d0dd50a4c
SHA512 b6047e73ce39aadb96498cda5c9e302974d20bf12806cfec1569cb32e233417eb817a4b680853116f0cb541f83204ad9c2979d88f7f213b7addc0214d17a185a

memory/3248-5235-0x0000000004BD0000-0x0000000004CEC000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\nso7E33.tmp\nsExec.dll

MD5 675c4948e1efc929edcabfe67148eddd
SHA1 f5bdd2c4329ed2732ecfe3423c3cc482606eb28e
SHA256 1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906
SHA512 61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Temp\BigTestFile

MD5 092cdbd33a7074db48c6e85d0867416f
SHA1 dbb5acd88c309320ebbaa244f23bb840a602608d
SHA256 fde4b8b54064838cf07617e3cd626a6b5f1fa0a50d98ac2ad6dc5038c1a57fde
SHA512 6681623e8b7f8a674d92c4f44d98407c340e2334e1156e01f36567231712e266c2371b0217ee7612bb0d13d32426abc653c9ffe10893dea0896a8e73c3e2c89a

C:\Program Files (x86)\Fast!\BigTestFile

MD5 6eb8c366315498feabd796786a621bcb
SHA1 3074fbe6287be713de51280d8277ab2f4b707155
SHA256 626db8bea999709c8faead0ec9d60025604676fcc44130abe6c1168b90989b3b
SHA512 dc28756c56c8ceffde09717e71212c5335e7cd1195105f6d5955a8ea3419e11b63669b03c5eba1a72be84adc9d92b0a3250a991b7c6a59817d3ffd21fc452733

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 6c02e5b7bc3655db5f0557b7608e1e17
SHA1 c0a25fd196a3bc02d64f9a6c350fc90a50bff258
SHA256 9dbfaeec122024d17ad3754cba5b973bd7b23c8bac2efda2c30b8d936c330516
SHA512 b9fdaa01bf0e47c3ed69bfeb7397bf29af4f1150f1409ed617eda40526b72e1583276ea5f97594ccc4fe2147b0cff1ed49411d1169feaf81266e9cfec6e556d3

C:\Program Files (x86)\Fast!\BigTestFile

MD5 18e93bc604097acc5aadbb1284f3c8d9
SHA1 de17091cc2468afd9b5313a072e7f817548d6756
SHA256 cce12c2c719392e9d7c6da7a7e21d3cd55ad57fee862c4281ce08d1890053a3a
SHA512 595d2b1c117eadd5420f210d314944b6edfa2cd2dbc797e9512497fc6d9495903a57c1b9d68b6ebc760f251f3d673d8ca9874608d0500ab1ee5366ec8cc09fad

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 afa93c0d31872779b2a050d94e6249c2
SHA1 010fdb34483f00762044fab6932791e160d247cb
SHA256 eb43a5e599e2ef6ba6235111f3b4d30125e1503d19a3afa01dbda216b0072aea
SHA512 ba3b1dd3d71924a4d74bd7898b0ad89febb4cc50556ba6e0a59a525ad7c3b17cc1ef5649b53fa6fdd2cf51f1971cfaa8e4a7a211cba9c8d0226ffd699de7ddc5

C:\Program Files (x86)\Fast!\BigTestFile

MD5 7d3e8d6432475c0324104495e4352598
SHA1 c1d84809fbbd0d52ae795b5e0e57cc0e5dd92107
SHA256 71df50c2c90fe116bdd86e17fc519a5baef18ccf2ce375083e2cf7aca4dcbe51
SHA512 c0023a3ac5704d3171fc8119ab43d3eeb0536a06a4db9553acc9d42181cfbc76c2c92c19f62adafc110853b754774ea3df038dcaf2c55fb46da7cd25c2b64c7b

C:\Program Files (x86)\Fast!\BigTestFile

MD5 e5c1080c365d3e5e12888fbf6c651b93
SHA1 2f40315324f47a01fb79fceaf5953239d5e277c8
SHA256 8ce7e6234cfa89ce4d681d7003aeddbf3985f4cf71c5f2fdc7d41c699f44170f
SHA512 1081d462789b764b3fb6a0bb3ceeb988ca5a30dfa20f9c2897a17c871b81bee0f459093c84997a0e1e4e3266ee687f6e56283a70dbbba2f68aebbb7fb3cef22f

C:\Program Files (x86)\Fast!\BigTestFile

MD5 83c2467e535d90c02480c35ef0490cb4
SHA1 7cf28ac21a1cf9cc6d0f0abe9c9d5ac4d39da5c5
SHA256 c6ac8baef70fb2ff76c5d6eca4cab2d05646ca69c3a99fc3fe4ef85ad61afd5f
SHA512 90171dd4a112c630083ae108b4464092ab644f3ad6156e1686a736a074d2a2d154be785bfd1e9fd9822bd456632b94243291435d7ca844268bcc4f39fc434552

C:\Program Files (x86)\Fast!\BigTestFile

MD5 8a1a7cca8abf66eb506340fe84803b21
SHA1 dad034959768441a3445df2edb685c3b90b50a5e
SHA256 6e6c4ce30ad60f1e213c6cf35b0df4f205864e233849a2f33ac74bff4f8cf796
SHA512 eb333d4b8362ce861b51862c476813dbfe0c9ba716a88ad2cdcd8ff8f9c122f4db2a98964fc291f729224cd2d5fc9cb9c75317d5f5900d859321806ee04176d3

C:\Users\Admin\AppData\Local\FAST!\User Data\Local State

MD5 a43ce48f377f61496ae2c084033d35fd
SHA1 c91a81a38a34570e32f805982e32994963b43836
SHA256 ac09867c08a35d1de168b60943fbb5cb04b47f2702eac6f3edd50d46a5ee7e56
SHA512 fee1d70a3ddf20a58f6cae3ba0918c063523d4008d55b2f11968d6550a2a3000fa312d1f8f4f8d0ce382fa3c9b20a9a40af89546abd9190c444ddf63d4ab3bca

C:\Users\Admin\AppData\Local\FAST!\User Data\Local State~RFe6006ca.TMP

MD5 c85dec49e1d9841a5c9b90d2ef916ebd
SHA1 24644485e002a342db3c8fb9952dc0dc45d3c8ad
SHA256 9fd18593d96810ee130bb22434a682759f7429b6da4849fbd0069d20f0ab42e9
SHA512 9233dcc7f5ddbc3364258fce6a47fac46e96ee85d01c6dc9acc0b7963bda7ac9cd739840caee6fbcc71b16174f446cfa7b998a4f1b0a72b76663c825a9552e76

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 044055d3be108c79a31278ecd11b0e78
SHA1 92e152d606729ebb3cbf38d348e7816b88d555c2
SHA256 722294684f7f5d15a9ceda1f537b2e87dc977be715304806190aa872e7c08498
SHA512 aabd464416b0517d3ac8b99887aa4f6a013114ca26081ee699aabec096436ce100e4e71f43c42afa884db9e07168d0d0f09678343a2ae2dffc5acf38478ccbfa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e5e5d6e90022c3f987d723986c332d57
SHA1 ac62a2b96b3d2c7f00b9ef5daf1c6ea3430b72b2
SHA256 eb63969647e0f5412afd7c66f7ff78706f698caf98b5da694df5aab31718cc21
SHA512 507fade31a4fdb9ee642ff9c8ce0c63d57d0b7879c020635a9da8aefb1e275eed313b082bfe29b26dacc22621126691ef8eedfd53c533e540eb231df34fcddcf

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State

MD5 3103245a13cba2a0cc4985c8655862d2
SHA1 1e3f8ef1db6e5738a948b4c3bcafdc4de9c4e72a
SHA256 3852217d55a0f01ea93937d90d30cabd2f0fbe75c02d0ef23d32cdfc722d3bac
SHA512 4f0f064bc170d4c28ea1e155e9fbe255b61a9807e8b8542e5a5defc66e34a72666443f5e4656c9e47ef4d7ff5464f002a38d7ec53a76d7d638022261934b0877

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity

MD5 96a64b63827ed9746098c273211cdf4b
SHA1 099bd8c1d952336a3cdecd4bc66dae6f833b814f
SHA256 17181fa3156b9fe25cb072727823e460f34a9aa57993869aeaf15c4c7eb10dc6
SHA512 fa8e4a725e89a6129d1a8f92f480f2fc2120cc1e5a5ebf0320ac285db4fce1f74954528218c1c42e676300064dcb15638a61797acc2bf8f60ab46caecb650497

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity~RFe603bc5.TMP

MD5 55a818a9f41a27e870e6c12aada970bb
SHA1 e57059336ceafaab72959f27cf8af384c0e5fcb8
SHA256 3c133889113a00736edb62d834e17920d5f280c3764ebf3c58e0ad5a9e369199
SHA512 bdcf16cf928f0a240fc66a488a9c409d9133e6409ea3f25aeb4f2168d8d793a7fbdc66df1e28c5950a983ca10dd3c4fa4add8c9dadc4487cd387f0b0bf2c2b22

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

MD5 b78bdc97747e2296656b90c36c5a99dd
SHA1 978e6d325c0f5bcff10c355884a39ddfda0b1fd2
SHA256 97e803b9b4576cbb9da81defe2943f08926c6eced3fb81a6f82d20501e09bb69
SHA512 e7a0936af966a62fc27fcb013a99f0561a8358982fcca3ccaea809987d5996228825422de52893465c9b65bdb3e74303a3708541680587f97a02d7e73ef5501c

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity~RFe603be4.TMP

MD5 adb8351a1b7769eaad5e2aa9013e97bc
SHA1 a502ff3578dbb7289d57ea4f4a8b0feb0ccb29a2
SHA256 9abf6fe7953f95dc31871ad9e85cb2081f3e4bf0fdcdc699acdacfacecd3cbb8
SHA512 78c3461cea7ecba2e4eab8f1fd757c03ab27ec90bff2f272b2a8eb9a70efa10df7b58fceb286aafe17c23d92b13ebe1ac54b512002712832975a268ac1dc1def

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 333cbf69bd20c35aafc8b7e6fde92208
SHA1 c70a2b8980f5bc70e803a9acd74b52b86b11a7a5
SHA256 1d73b8b3cbd17d0ce6295aad3ba170394b71da5b0ebadcecbd9333cd8b80f8d5
SHA512 e4aecc5a51468231c895381f61b0fd78c47b0ede203449bf5d17e1276f2ac9f9513748e762d2cfa86eea822096e2db0e09d23f4538ed13e81e9a18c808ed3ed4

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences~RFe605306.TMP

MD5 2dfe30929fe312515311b0261f9a1cbe
SHA1 8bc928b8cdc4a52762cf8f777126ca8a7933a2f6
SHA256 4261ae4f4a5bc0bde3d7775b9e52be431453a2705144f9e533ab5f7d2dcac1c8
SHA512 41e21413f428d0f082d17a2379ee9c6f683044d219b08dafdafdcc771920bca580d165d90e264ac10c41c7787e8acec2ade92b832acb990c545de8f88a89f80c

C:\Users\Admin\AppData\Local\FAST!\User Data\Local State

MD5 62ce264c7616b65c9f0ee9ddd93cb89e
SHA1 5f4164e52bf7f63b3d75d4a2d9b6ee51dc3e1ea7
SHA256 7a88c88d9099837f5c9a01f90437b75c116aaf96f829a54af6a1f622ecc619bb
SHA512 d54e70cdd1291bb27d4ee8f4ba538a3d49c7741e7b34700709717a9bca69ec4ca2607154e90a8d50003a861d3e974df6213a84d7326f109a594dbe7cfdcb6585

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\80cf20c0-cf3a-443e-a288-598c36c3c279.tmp

MD5 0274352de88b569bf7667335c05dc109
SHA1 d95cd3ebbbf63a14d147548d9af096d7094e611e
SHA256 d60bef8d7aa03ff60398625792d5391bad4bee4d1585f8456f1891af61675289
SHA512 1f7535bf94ff9ac865f6362453a96314bc6f5f4199d325023f97a066c37d5d8c4b7b6e69d4f0dcae2407a8dd4b9f118f1709f2e972ada9f37ddf1f791469e8f0

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity

MD5 8297772e5441bbe921b5468fcba677d5
SHA1 491914d97ea016c47aa755e84ae12c5af2d37ef7
SHA256 a244c6909a040f7a230987e6dea0c8f1a550216918fdd41f7f7fcbe691d36b3a
SHA512 8347e853dad8397f3d4afb62599be0f2a18c5c32af4b3a5795debf1d3a144e4900b9dd1e0d623693c9aaf0a0f3e02c01221106a4004830fdb75e22ef7ba75d4c

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 05f21c58f6223bec43b6a2b870a3225d
SHA1 25f1dfacf6aede82322b6507868f1de4a2b30727
SHA256 db396e588c2617f80dbbc58ba47f550982b877437f0507533f6f5bb3c452673e
SHA512 d18a60a5e0cfe03d84f496c996f6bb12c4d63f9645e07966913e4830f20aade23114a2ff3681748161050b6b34b005067d3051ed075066fed8eed4171b5cc7e7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f5dc55014ecaa881461d452c88b03c15
SHA1 6f2caf99508407bd648e24ae99a29dacd9bb2217
SHA256 1aad76d80722131221263ba9c02982fee9fc6bd979f48f55ddb85f9ca63b5adb
SHA512 4c5589738422f962b495f55612340b7d8cc348b6665d8258c5dac218ff7fc6506a9fdc8720365354babb3e3e5a2f4ddc0ef7c809920f66fe0dd055b168de46e9

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

MD5 b5d8c5db470ec25ddb53b5d09b0b36e9
SHA1 fcc5ffa2a26974b91f9b35461bb47530bccf714f
SHA256 f41ddff0f68755b45144dd1cd66384d33229722147e549d16c6c291764410cf3
SHA512 6c57301a97f651a3b12f0dbadb1e3813dc5905184ef90684600ea84e4e505b7583145b83829421908f80d31c859ab8905023090bb7cccc561ce439b314a82ede

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001de

MD5 bd0f953f80c0fe2506d14be1714aba9b
SHA1 94e41f5bc63876ebda71781be8e2e1ed436c3246
SHA256 8334971103b8e1f8a5a83ffc97949271dd8e407beef4f27f0537e97cc3227770
SHA512 72a0d8c31a42c3e741520ad1fe4bdc4362cbdaa439c78636b1d428d9b324e1925763f547c5897f0ea3093fd9baa3db9b00fea5d25b27fa0777b4eb693e1ea459

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences

MD5 f19646df9ba2f2f2186d71bf7b4b0ba0
SHA1 0ab56f2d8c9e399915307d2c3b6554ec99bcd257
SHA256 960fd1461c3b1661650488808982c7edc6a2689bc1553a373192f3189329e77e
SHA512 cd0e1d100d1b1083f93e2abacf57002fcc700fa12376484048b0ee3334c1da2db911ea2a549277007445e0a19c5ae8d91dfb5831292eb31ae2ce01294fe05497

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 ee476de50337559ae4b5c6ffb76ab90c
SHA1 4c80e8c3a12d2f169b003334c754283768be42e1
SHA256 575bc1424bc777f0c2670586488c61f7955cff4e72f5dc1c6a2f8c45bd73c1db
SHA512 92c7522cdd3e76a8cc1210dc179546a1850b369b515ab6aa22404e25eeffa90543587af9070d70d774cb8d0ea5bdd93fdbde6477e676dad733e07cdcb01146dc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 fd14ec12ed245c1b92b4189821d5d1f8
SHA1 df82da4a9074bdd260802f8b010ab887aff6b528
SHA256 a4b532cf2fcf48f9911887339e6b07a60fc8ae49235130abd7c039c97a84cc6f
SHA512 4188ee69cf5538e06ca932334acea4a7a5bb521fd2ab3a44b2e874dffaaba088fd7c5e48a66ab0d2c6de377221f4692411ec955a42d1e45d2d899a729b7626b4

C:\Users\Admin\AppData\Local\FAST!\User Data\Local State

MD5 6c4c64ea0f08de096c6433ee0105fb84
SHA1 d4e573be308697b37940eaa3d1dc1c0851c4f772
SHA256 7e977370aec98ad0ab0f8cadc28b6acc1431cb802c90a504b5d3cfce801f0e66
SHA512 3f87e1e78617e161bc70f550f94988a1186e86e394beea18c50d6de3db3a06655e512dbf2e545eb56af17599f96b045e3ac83bad73e4a85545260ccbbe7cfa4a

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity

MD5 f838a135237c157fb6d8adb0a0e17515
SHA1 3f9dcc4a1b5e7be14d44f0b3b3ebf3e99355134e
SHA256 a7ab5d8b880d79c970f5634d5ee33131a54bc6639aff6e5ddd500c18803af8a9
SHA512 f89276f842450187d041d56c8e59a3e78b307a014055e4f7af8b688d93d670ffba4ab5e0a23f24e97b28af07ffbb1577f01f3faf963cb099db9cbc9c6d28048f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001fc

MD5 97a3bed6457d042c94c28ed74ec2d887
SHA1 02ce7a6171fb1261fde13a8c7cbb58992e9d5299
SHA256 ae56cf83207570afbb8a6ab7cbc4128b37f859cb6f55661e69e97a3314c02f67
SHA512 6c8cf955ec73ad9d97bbb36c7ce723bfa58c9aef849aa775ee64ce15afa70afb40e8cd45989dadec420d2e8edda9ec0f05cc76a0602df0b6c4e5d45de0f4ce7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001ff

MD5 015c126a3520c9a8f6a27979d0266e96
SHA1 2acf956561d44434a6d84204670cf849d3215d5f
SHA256 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
SHA512 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000200

MD5 53436aca8627a49f4deaaa44dc9e3c05
SHA1 0bc0c675480d94ec7e8609dda6227f88c5d08d2c
SHA256 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
SHA512 6655e0426eb0c78a7cb4d4216a3af7a6edd50aba8c92316608b1f79b8fc15f895cba9314beb7a35400228786e2a78a33e8c03322da04e0da94c2f109241547e8

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences

MD5 526c782af676bf6157aa11576255403d
SHA1 be626a2c1e54f0f4d4956deb6d0fad71df34cd85
SHA256 baeb6af51218ca0c37bb35d2474df98ffe484133a7c8fb143368c0e3ab0b052f
SHA512 8eab46ab86f4dd4b6d9f48fc4b6cbb4bd11fc828ab9a616845989175b968f27be45c4e5ad851b0a78bcb5a46faab3be2cb66b84386cee13987e4aa9cfc366845

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 fe38b34e0dbccd51c52a4962f86f0b5d
SHA1 36aa3f56fb36450cf7bc4771827094e0cead7b8e
SHA256 14367972ba113803d08a707fb8abb9ad3547083cc67c3e0654086eefccca3c32
SHA512 68df3886589f908af35e60fe98a3be4e6ac8781133f53e3161d52b959d717f968864b68f3a3f4b16f91f401f8d4b9372863872e69bb32acadf4c7851d67aa6bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00020a

MD5 20d7c427bbf98e378299912cf57b0383
SHA1 80ffbf15ab2ec7c1b091a45231193e1b6b940f83
SHA256 7660b748001448b7187b0a9a0b9745d5ddbee9bfdd245eea33a309c76e91421e
SHA512 dcf7d87642d4d2a82656b4385f94d8c0e888a86226967189c5d1d745011217f44e52652ba437d61410bf28756f9a3a12d2b64d30de6710998036bc7c68058d12

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00020f

MD5 a2edb5c7eb3c7ef98d0eb329c6fb268f
SHA1 5f3037dc517afd44b644c712c5966bfe3289354c
SHA256 ba191bf3b5c39a50676e4ecae47adff7f404f9481890530cdbf64252fbb1a57e
SHA512 cc5644caf32302521ca5d6fd3c8cc81a6bbf0c44a56c00f0a19996610d65cf40d5bae6446610f05a601f63dea343a9000e76f93a0680cfbf1e4cf15a3563a62c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 39e4a25878c2e6bec2d7e79d11b3fd0a
SHA1 fa4786b85ce3cb55cad2349caabd75084717d474
SHA256 4526aaf3ea3a684f3736d3718196ad0c92c984bf4c61223f97ec4271efefddaf
SHA512 5eb455409cc1f07f9646aff73fe008d7bec426c54d5349a153e909b8b70feae9d1e2b35a4607c86e84794e706eca88e85503a5bd23496f84bb89263b86a1f7bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 224207eb493169590a493bd1777fed41
SHA1 299cae4f8b742bc0bc60d5cdce8c20822d9f5fdd
SHA256 b27dbab670638ec7cc5b7e450bbd3fbb215be9aa02883d7ac10590b95afa2902
SHA512 4f021a3a765e810b51615e613225c8f07701189e9e391c0a115843b4f8c8a58d94e28f7fc2fd935757f2697946d71391e242dd6112fd36b2b5db4be23337ab7f

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 c7567126dac0c916ae04d9b1f1ed4803
SHA1 0241ca2987c82367346c290f887d134f08f555c9
SHA256 a5f00eaff32eba4ae1293856bf19ed592f31b410db6fdf9d0abba940dcf19cf2
SHA512 3cbf1133a5897934e28cc27c32337d69c0304c33262bb9dc600f888f448f65c6563f4bb1307aa3b2b26307313a11242aeb25d380e2218a1e0940b32bbfb9127c

memory/8088-6385-0x000001DEAD110000-0x000001DEAD111000-memory.dmp

memory/8088-6387-0x000001DEAD110000-0x000001DEAD111000-memory.dmp

memory/8088-6386-0x000001DEAD110000-0x000001DEAD111000-memory.dmp

memory/8088-6391-0x000001DEAD110000-0x000001DEAD111000-memory.dmp

memory/8088-6392-0x000001DEAD110000-0x000001DEAD111000-memory.dmp

memory/8088-6393-0x000001DEAD110000-0x000001DEAD111000-memory.dmp

memory/8088-6394-0x000001DEAD110000-0x000001DEAD111000-memory.dmp

memory/8088-6395-0x000001DEAD110000-0x000001DEAD111000-memory.dmp

memory/8088-6397-0x000001DEAD110000-0x000001DEAD111000-memory.dmp

memory/8088-6396-0x000001DEAD110000-0x000001DEAD111000-memory.dmp

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences

MD5 8bee70cc1ce2d7150db91f7af17c3da3
SHA1 c7c2723144e5dde996b41ef0f076ca8a7821be8c
SHA256 8ecf6a2193a9cb7f148bd61749e3959770866ec99f3780041d5e0f944278c3ec
SHA512 05e4bf32ca98f525b61dae102c740823817394cc1590c4d46e41be171b4f06d4f9332c6ad6c55fe9ee724c299faff388ee7f9bdf26ea019ee3ad976ee284c6ec

C:\Users\Admin\AppData\Local\D3DSCache\e75ae0776967e3f0\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\D3DSCache\e75ae0776967e3f0\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 5da7aad8df6342db4528ce16b4f4e467
SHA1 08917ed58cc5bfdfdf2a34de4275356affdf2d2c
SHA256 690c594920f91b28ca311b79af9888c924db3b4fd31f3eb7e480045749b65307
SHA512 043c94c4695499e7a2047a9ae670942edf21822ff1a0a4c087fa008c64aa983eb2b34ddf27add6cdef091dac2bd7e5e282cb517128f983d51bf47e3391130880

C:\Users\Admin\AppData\Local\D3DSCache\e75ae0776967e3f0\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 7119cee8c52ce1ca22890ca45bebba27
SHA1 a8292fd51a05a8d6697db3dbb5a15a743019a019
SHA256 53178bac0a9f65e4f9a5c5a29dec03d0d34a048aaed4fa8625b68004725bcdeb
SHA512 197fd9a7cff0127cdbf3769bd1ec3c0f97f28782e6569f71484d0d459d313c057472b38a94f79b96ca6e5a4ca698c59ad25a929912a641e758f3561480600fcf

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\Network Persistent State

MD5 cca2c802cecab7c555e8b520f3a167e4
SHA1 099f610584d6e4e634efa62d51621cfc5a63f01b
SHA256 61639cd93c4875253fbbb82dbd8308c12fc6bad1d8c1fa26585573d993cad90b
SHA512 1236abcc7bd91a33fd97ff65d2acf879d9857111fefaad7ae6747651015d7edf1b51ce428255138b8675caa7f185f1c8b2ea155d6610962b8560fba7c90369aa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_0001e2

MD5 879a4377f9e417a29815b6ab478d2f22
SHA1 b1fb7d22f79df1f2bf8c0e8d6065fb6fc1cf33db
SHA256 ae00c9173e586ecb200caf81c7c3994e5865989569bbf2e63e9cdc0d107850ee
SHA512 e6c7314ca86b94ba31295d94e7233fa496d731756af93f2368078bc703c6f7184efbf9b2e9e0b21e586b3434e62226c35668a146391bea0f99be8db1e5986995

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 a1ef268b90338b66fc84d2cc036dbfd4
SHA1 51cc096f3eca577a776a5d4f0cc1ed1f8975e225
SHA256 faf18c51755f5642be9724472358e273ddb95cf12cf7cb5af257a9556c646057
SHA512 c645f9fe7652ee57fd52c2b43680ee48650c1b3bc80fd97a939116246172d443eca8306a0d83b7969387f9d79596069d92c508d77eb3e581cc54a90bc2babd1c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\63cad5f4ee91cafe_0

MD5 7221ce0b4ea211a7a55cdef2f58b6ab2
SHA1 4effe55a4e426dd517c2078f13c40ab9d491662c
SHA256 1420f7042e4ebf18a86b8eeca192da75a7b053398595531780c608831ce8a589
SHA512 063f00cb6b5b36e384d1327910f960a27735a340e2b0b7cdbdabf23d80df5a19c6c29fdaefc59b116d669756d1c3ae3dd4cad3e933022c3e567c420e5df0e1f0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a0dbd3c717c7f711_0

MD5 2be5e07ce9ebb0448f146d13137f0949
SHA1 1db9740914f2425dc021844ae49d9a5b45cf50bf
SHA256 7a6926ce96af02623cad83c289e53ac68a78557a75e3fbb38bb6e0fb4d4bc0d5
SHA512 c9c0fb4ee34b61fb71f5c54725c10bda638f69348185ca8e202e7e9ea571e0aff211e9f9f9e5648c4b17f6262783e9739732dc81572d8fd7a9fa2ace4a0f5d8f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5194a8f1b1a9c460f9ec3c512ff49d5d
SHA1 4d0c517a0a6d32b8b066d30bb8c72a96123ea2c3
SHA256 229b4fbe1fde68f170bf421612565e9a7f880b3c5096d88b337286b1e63edb42
SHA512 591e9631e82fcc7260432d4126c1fa97ce3a7764fe2a1f6021a9272a554e471bb3545941c0f8f434acdd2d89ebbe533b456dade8403cecc312d8c5513731d2e8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 738c50a9710a7a0983c8576ba69bb5f9
SHA1 4bbdcb7aee7181fbc9900b1c6f616ffe4fdc486e
SHA256 af62cf17b27af61128c2744ea3cd7b6ac75f20ce44b4a902a11c651ae861d399
SHA512 a33d4b41e59fbd8759e82a8e532fca1fa83c5fb0360b60b8614150a0e3c37ed86376a52831377ebd9b32c5ec1203b71b98579c826d6f2022ed5f7e437d5d54fe

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 38b0df7eba42262a1d1557146806f4df
SHA1 ff96d22f07686b3baaa00cf43b738bc113fae67e
SHA256 f06b9c027a5b6d0d5c79c8672283860dd74adac579b83d09e921cf3c22bb3208
SHA512 c56238662c10a483676b8dc8974b80ba9dd1feec3ed8de9073296ac8104d6fe2eeb7d9babbc64bdc969698979d8d12cd357fadf90c670808554bedd6986c774c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d411d048d605891e432b6a7698bb6476
SHA1 e18e07757c9309630f4356f0e5334fd50e16b1eb
SHA256 9312591e1c8f144c8bfcdbe14c41f195998777562d1c83abe181a6dfb0aaa608
SHA512 9b544bd93584e5470c6cee08475cb07514d5154181c75961cca589af34585c9d40cbe931509cd778b768f94434348c4bc9da6321421a86130804583b22b3a8ab

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 284019fdb4cc96685d7ecda7fe11dc3a
SHA1 2b553bb85deb50cfac326f2980cc0532310adb68
SHA256 39bfb2d76a8800b6bf9efc3f2f97a936ca52fd928046ace6f85627543a864110
SHA512 165bc7b67f220d6fc57fca8c36edcbb52fcc5772f8272b060fbc8d4a5eb3b100c0d5e0034745d9acf11f8a40eec3f48e6130a02437b79b62a1b789324abb626d

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 b6e23702e1ac2fa228668de4eae6f655
SHA1 b1c83ff4c9a5835dcbbce99e1ce4fa18bf29ea23
SHA256 b135d7862fc2a26828e8fde16722b07990ab3883bd4fdb3b7b1fa80b22799def
SHA512 79d37933d49565d5e593cadef4955ba9b141c322c6539ef855cfc500e606835e4c46158359df7867181bc61c220141e6b3016ff16346bad72adbd9c2b013bf9d

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State

MD5 cd07d3d52a5b7565d2d29ef9dc2e9649
SHA1 7ec36a33c61e8a4274623bf9028696ca18a650e5
SHA256 e15af255acaf6bf6958f52ad999b5ab5f662bbf009f231500adfc38bd791eca1
SHA512 03504e3c05ac5f153451955303bdd612dccf444dfc34c0168faffe6d4ca2a6704d0190973390ee27ed192845fe11395341c75681e6989a59933bdb98f09ffbe8

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 4aa1159e41fad1d19059e2d616e31a36
SHA1 b34dd27736076035106ed72cb850511aac2ec311
SHA256 070725b170d285944c5a980c06efa8f51e6cde92e8b376db8b1498f5fa81e0a9
SHA512 ecd83ec6c4a9405d55e4714b588dd9a109f5a40ca630b021f89853a14fe89eaa88152791c95719cc96f7eb723b8f2a83a7cdc1c0a7062b2856a57e07658c383e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 bd52b420d077b746000c365f88a98247
SHA1 0b19019ce5e3c12b0ae9f32a131b5d17645181bb
SHA256 7cf89269afa080b9457951c1cf6e0a1372815aec258ca41ad60b4964cd7d68c7
SHA512 f1695de4c85eb0dc7f933b2acac2250fddc70b78083dd54ebb77713b3389f3eb013f56cb4cc9931133ef4d40560e1fab64bda6855ebb8509942db392d7e193b3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 ece2b5168ee948b95220ac7a886a46b8
SHA1 01c7ffd2b2993d5508106803461d333eb1db59e2
SHA256 ba53f0442482625965f673250dfd058a90cf32da368df65f0390e00f791407c1
SHA512 80978e4d541bdc2a22b8ec99d28258edb13a6d6292a9fca96482ec2a903e27b47b28c6885c608ff722e08f39ed4de148cc85aee115230c1a553e4021880e915a

C:\Users\Admin\Downloads\Unconfirmed 263106.crdownload:SmartScreen

MD5 4047530ecbc0170039e76fe1657bdb01
SHA1 32db7d5e662ebccdd1d71de285f907e3a1c68ac5
SHA256 82254025d1b98d60044d3aeb7c56eed7c61c07c3e30534d6e05dab9d6c326750
SHA512 8f002af3f4ed2b3dfb4ed8273318d160152da50ee4842c9f5d9915f50a3e643952494699c4258e6af993dc6e1695d0dc3db6d23f4d93c26b0bc6a20f4b4f336e

C:\Users\Admin\AppData\Local\D3DSCache\79488f6db1539bc7\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 f9bf36470582452b98c31dc407614b50
SHA1 6a037bdf0d0b2855f800623a51218e9273693c0c
SHA256 f804f7d750b142454c88bf0c041ddc7f676d2fd9a871dad40884022a86ac2a18
SHA512 d74d281c537efba9a53cbdc472b2a4ae45632d576db52aea62424ea12bfc1abf71746b90c104a01b72524471c07ad7118eaf818dd4daa2253cd45c6649c9398c

C:\Users\Admin\AppData\Local\D3DSCache\79488f6db1539bc7\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 22bb0cda265bbf84589eb98d5e4c4823
SHA1 578c5b9b858da4b947e621f7ac1f2590e8dfcc6e
SHA256 c226cb68eb7d68baafce089f44ffa8e42437423dfe4a08f7f62245b79d7ce8a8
SHA512 1adae921ab13846d202fe79dd4b7b08c643aeeec7bf18b96d5bd54ad3b9282a6a2c7bbe613eb1e18485f50b72e6156ea57009bbaaf6d4d3b1c3e983a33b4c42a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 c7e0b804ee84cd3c7a882226608a4f91
SHA1 9b8e52ea3c433810b59a761250eb696f9949417f
SHA256 cec912aaf8a361e3cb5db8d5cbcd4909abe0adb167edb983bea6d86a516ea456
SHA512 ddfe29da08d498dfbd73cca4a5c2db0cc912ea31ab3eac5ec3c91d2d29e096aeaadfbec87179840e7b733f903bb632902adc3f8fe3e58ec79794012b6f347ca7

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 e7a9f0eecef10986a17647775ff8e940
SHA1 9589bbe8d4cc04b73f1f418dfdd7d3e6e33dfd35
SHA256 793c24612045ff722c7299ba8f9aa3117e1d72eca49608f62b087e377bb673a6
SHA512 3523dbf59a1f6d97294637fa3c897864454c86020689de8c1036a509d49cd55bad465c8db2f6760947c66200c139d75238286606de43ec99c704e823d7ce1f29

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 7b06af798f684a3c8e6aba83a20b6b5c
SHA1 50fbbe422d5a3542de89ef96a98674eafcd64ac5
SHA256 57fb82e7ea2057727a2b23b19701f7eac90a6d38e49f390d18fd83ba6457726d
SHA512 d326b946e64fa7ad31cdc45144a0edccb096d8b967305b0560838131af6528066493096f7a5e495d8336e7c205d49542819eb6aeabb2ffb1779cbb41d09b4b29

C:\Users\Admin\AppData\Local\Temp\nsoD4B5.tmp\image.gif

MD5 1636218c14c357455b5c872982e2a047
SHA1 21fbd1308af7ad25352667583a8dc340b0847dbc
SHA256 9b8b6285bf65f086e08701eee04e57f2586e973a49c5a38660c9c6502a807045
SHA512 837fa6bcbe69a3728f5cb4c25c35c1d13e84b11232fc5279a91f21341892ad0e36003d86962c8ab1a056d3beeb2652c754d51d6ec7eee0e0ebfe19cd93fb5cb0

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 b9ff8524fab7cb59c35ddaebdfc90558
SHA1 334699de16781ce99406790b22d47516cfebd10c
SHA256 fdc66dbeae373397f986164edd2b467fe1c8902202fa3b99834b8ef476dffeb4
SHA512 e3bede90239caa1038ca1ab2bc5829c6479b33fcf9b178fe9569ba312224d8fad32d9c643fb4746e91e10c09393b8720140677d9cb39d75078625f14724a998e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 bfdc0316712cdc54cdaf36bda6d55a1e
SHA1 86586b6c774a1bacc25238d30527f54bf1d7abd9
SHA256 6ff0869584e0e6906069d7a7b1356f132b8ef7464859609f4ec9f749d68edc98
SHA512 d6c6bcbc8bfe51d43b77e960564af3ea1fa6f38e6158405727a3fdf51f78888108781d4343131ae4f341a09341957b85cf1339c05951c996669479d83a9c41b4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f15af5752ceacf7b14341c43b50ed497
SHA1 93e63f15e9376b321834c7a5d3fefbc1c35645c3
SHA256 d26b91c1cf35663088d72bd583b6a96b08fa322e54ea3f3ac75bc4ddb21a07e0
SHA512 b6230f74688f1dfbdc15094a9dbf80b279f04c13a03f90d81a38d43b5e7ea414a5f2a83241c16ae429564a601bb5fce5fda92f9e66e2abd172900f8a94ddfdaf

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 98938b0fa46296efd5dced3b2a441c45
SHA1 0bb83604ec2dd94ca70bc70214084727b191297b
SHA256 917e7969f47a8e13d323f17d7eced3568de2ff3f04cc8f0e189289da9e7eb3cc
SHA512 1c516897990ebecaf8d4fc5187ea5eef2ad3ec80b44e555c3a96f09015523eff3acaea3cbcdf2a92603edf608ce0208e0be1f8512fde8c985caf7c1e53b0eb15

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 d303707e278c83da9207100c08da5bd1
SHA1 9881094b20bbca2ec2a6b48c61baa37d20e94046
SHA256 e365d621c281f18fd4701410ac76cf2934ff546ec580109e37f614e37ca7ab42
SHA512 42c9ea2a0de5c1e0140d4986b352f467a00246094d5776b539986416d743b7506ea02ed189dbd3bb4f9d9b31f741de53b5d21d235ffe3112c3ccd69f2f206b7f

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 d6c5a0feb0f25cdda74868936a996f57
SHA1 15909754e02bb3582ab0480b3457a9a6440e154e
SHA256 b593381e55916ea7e1b965594e6813f10fa5cc018e68aeae1d3254b9b9898cff
SHA512 8d16748261bc80fe2bab6b436b4f680e4e108d2ffbb2f1791cc721939b6492dd5c2860e9c0fa1ecc18db2581368cb3ee4e9f27c6a0d8a0d93ca428613bbbbea7

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\Network Persistent State

MD5 ee22c3bdfa13c52b490e23674707ad5a
SHA1 ffae253a6c1c932cb6992d5170af29aa12f0c5de
SHA256 2d6185f68928f938bc55cf2236ec7855ebaa35f83bd5020daa893f44b8a5a5de
SHA512 9ac8691d61a14e74287176b4789f2775e81047e0573f95f25e47b189fb9a16b33f312911408ff40fe91be15c4695ef714c2639f4c889621d1029243e2cc07d21

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 c6324d26343a73933864fbf08d5b6ef3
SHA1 0e98fa335af6cf07fe3ca954b4de58d2f45dbc70
SHA256 a05495b18fafa88ab698bee1a980808310e581e9936386b9226956cba1417149
SHA512 25626620a65b65ee4a5d2506d0b68b90c7b0d3df33f4a4f654ad7e4fc405edfde87808e8cc7be398943ca821e4518771291cd7e20503ecebd3db2f8907135fbf

C:\Users\Admin\AppData\Local\FAST!\User Data\Local State

MD5 1f38556c965f3f034c3fdbaeb684d0ca
SHA1 b0616a7dd6d94a9b171202a130b02be6303e9742
SHA256 97192fdd15e987999a189fbc65023e6338987b38b10c59785602e37341538771
SHA512 55a1ff835c35b03e8445643be7b79c13d34353abee6458cd00879b74bc4bab7c9a9f0c3b0bb649d490e961f6538076b6330a52bab1d68901527d3f2a11d6f69b

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Preferences

MD5 9748d9b28657cdf3172fd5e99a688bba
SHA1 949b7cd3bc887d0c76e27fad161a53d351cff809
SHA256 829478cd9a91063a66e57cb34ce5a2d3599e164d64be256692008788a99861b2
SHA512 d8556800617e1efdf7077c4346af12aedff776cc2424eb09ca69dc85b14846b98acdab9a1883c68a7541d58d18b009b213575aeaf8c63707c14227e7e8982c8b

C:\Users\Admin\AppData\Local\FAST!\User Data\Default\Network\TransportSecurity

MD5 5836a52c9c1cb61249a4f512bf97b9bd
SHA1 8667e0d3d2b86669c3a96c33b968daf9812dc952
SHA256 4b64eaa8efd88818f0cb99b2132d33b518cbecc077dd609cfba8ed618a780593
SHA512 99ab232bbdc404a4d9dd6f3a865b961fffd4d3a194828c1cc301fa284f9a525a11761c74a5a56a14f8850a6b1fe85e573535beaa5d5fcd5fb69b500bf12360cf

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 61f84777c195489219eb80f5eb5708e5
SHA1 e2ee627733299a8a51aa24fa8e530f2523d36fa6
SHA256 54bbc5c2a70c7f1a235aec8773124f04590e451103226d9730ba2d4e162d0fcf
SHA512 85b566754f0abfaaae0bb4b78fc384329b840fd3486df853a7cce9c2faed28a80d570644f58cae4dafbefc2d978e4e31394f4b646fb6f94ca26b7b35fb5ca6a4

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Network\TransportSecurity

MD5 fd05240b989446aca05b329313c7f174
SHA1 be6b00319d76ed8ad46c0f28172cbdcdfad3b42b
SHA256 d1cbfad79a384d9a2791cf0b90eeb6d921c744d8c7ec9417a0c6bae0b2fbccf8
SHA512 f08854c922f0388db87b176bc7d71a7167964d57bb889a5cf71ac9835f56ababe1925e42dca29c203817e1dc116cbcbb5699d79579b3ee768d68ce21ff0bb820

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 daf09ba995b6721d6193ca7f2a6b2a71
SHA1 c54f0503bd907adabe81cd9da51632231cc35ac0
SHA256 fa50c1976eca711034ba129a62088aab5278add61c629638dc9df9b35a8a28e0
SHA512 e584db7ea645f49f2a7d32170a736b651d2c5e6fcee6a0cb73ca961d5e13519ffc6b8e05011ea6c400d6b0bbbb3944abcd03c5031c902af3da06755f5eb9e599

C:\Users\Admin\AppData\Roaming\Microsoft\Templates\LiveContent\16\Managed\Word Document Bibliography Styles\TM02851223[[fn=iso690]].xsl

MD5 ff0e07eff1333cdf9fc2523d323dd654
SHA1 77a1ae0dd8dbc3fee65dd6266f31e2a564d088a4
SHA256 3f925e0cc1542f09de1f99060899eafb0042bb9682507c907173c392115a44b5
SHA512 b4615f995fab87661c2dbe46625aa982215d7bde27cafae221dca76087fe76da4b4a381943436fcac1577cb3d260d0050b32b7b93e3eb07912494429f126bb3d

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 a9287a98f800168b5330d6480e66c755
SHA1 21afc4109f70e60368677384e3c33648a20051a8
SHA256 253f2c89da878b19f984455ba475abfb23508b27a054e22d234b3f611a4b3b66
SHA512 6949e008d95ef39e06ebee6b5e70d48a9e28ec75ab51bb73f6f91e4f1af3ec19b59216dd786a2083d2d763dad0f3712d5e35617e0e5396a1d36c685dab1e8652

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 66452b178476a78808cea049d870c37d
SHA1 b6ec833e94d7063daa7855882ba21cb7f8328d1d
SHA256 74142949bd60f7210c3193211df0ab475d0d3cb379bc60702e6b6031b9a0f95b
SHA512 ec4d054eabf2fdc1c426c256b3b152183141d559a3517cf0df6a872baf42bee5fa1971998cc253f8ead475c084a7336ea4c4ec053e46d3156afa054d5ea1238e

C:\Users\Admin\AppData\Local\pc_app_store\User Data\Default\Preferences

MD5 40ceace90c988f2258888ac91b783926
SHA1 f5a325cf1942e2357a61c76b23d91352594fab8e
SHA256 66f6b0f3adebc95d040ad5d84bdbd69dbbb168255ab0e5c48c3726bcfa324c38
SHA512 bf1bcc811d992aaed6e9b17fec4f28d69613f756fc7869cd4f84be8861cd325cc2aba601ed250760a29166c4b7a4945d047291a06b9a404f76529bb647b3cfc4