Malware Analysis Report

2024-12-07 14:30

Sample ID 241012-wk6xwstbqb
Target http://google.com
Tags
adware defense_evasion discovery evasion persistence privilege_escalation stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file http://google.com was found to be: Likely malicious.

Malicious Activity Summary

adware defense_evasion discovery evasion persistence privilege_escalation stealer trojan

Event Triggered Execution: Image File Execution Options Injection

Boot or Logon Autostart Execution: Active Setup

Downloads MZ/PE file

Loads dropped DLL

Event Triggered Execution: Component Object Model Hijacking

Executes dropped EXE

Network Share Discovery

Network Service Discovery

Checks whether UAC is enabled

Drops desktop.ini file(s)

Checks installed software on the system

Installs/modifies Browser Helper Object

Enumerates connected drives

Checks system information in the registry

Drops file in System32 directory

Drops file in Program Files directory

Subvert Trust Controls: Mark-of-the-Web Bypass

Drops file in Windows directory

System Location Discovery: System Language Discovery

Enumerates physical storage devices

System Network Configuration Discovery: Internet Connection Discovery

Browser Information Discovery

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: GetForegroundWindowSpam

System policy modification

Uses Task Scheduler COM API

Suspicious use of SetWindowsHookEx

Checks processor information in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: EnumeratesProcesses

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Modifies Internet Explorer settings

Suspicious behavior: AddClipboardFormatListener

Suspicious use of SendNotifyMessage

NTFS ADS

Modifies registry class

Suspicious behavior: LoadsDriver

Modifies data under HKEY_USERS

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-12 17:59

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-12 17:59

Reported

2024-10-12 18:30

Platform

win11-20241007-en

Max time kernel

1800s

Max time network

1763s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com

Signatures

Boot or Logon Autostart Execution: Active Setup

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\129.0.2792.89\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A

Downloads MZ/PE file

Event Triggered Execution: Image File Execution Options Injection

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe C:\Program Files (x86)\Microsoft\Temp\EUA1E1.tmp\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Microsoft\Temp\EUA1E1.tmp\MicrosoftEdgeUpdate.exe N/A

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C895449F-B7CE-4488-8D67-A70ADAEE27AD}\MicrosoftEdge_X64_129.0.2792.89.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C895449F-B7CE-4488-8D67-A70ADAEE27AD}\EDGEMITMP_A7589.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C895449F-B7CE-4488-8D67-A70ADAEE27AD}\EDGEMITMP_A7589.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxCrashHandler.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{24D9EB15-C93F-4014-95D0-FB5ACA65DDD6}\MicrosoftEdgeUpdateSetup_X86_1.3.195.25.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUA1E1.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\MicrosoftEdge_X64_129.0.2792.89.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxCrashHandler.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxCrashHandler.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxCrashHandler.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A

Drops desktop.ini file(s)

Description Indicator Process Target
File opened for modification C:\Users\Admin\Videos\Captures\desktop.ini C:\Windows\system32\svchost.exe N/A

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\D: C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
File opened (read-only) \??\F: C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A

Installs/modifies Browser Helper Object

stealer adware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A

Network Service Discovery

discovery
Description Indicator Process Target
N/A N/A C:\Windows\System32\GameBarPresenceWriter.exe N/A

Network Share Discovery

discovery

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUA1E1.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUA1E1.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Packages\_Index\NetworkingShareLinks\NetworkingShareLinks\createRequestThunks.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\textures\TerrainTools\mtrl_limestone.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\textures\ui\Controls\XboxController\ButtonY.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\textures\ui\TopBar\leaderboardOff.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\DraggerTools\Dark\Large\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\GenerativeAI\Dark\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\textures\DeveloperFramework\Votes\rating_up_white.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\textures\ui\InspectMenu\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\textures\ui\VoiceChat\New\Unmuted20.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\ToastLite\Dev\ReactRoblox.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Packages\_Index\HttpRequest\HttpRequest\RequestFunctions\Util\getPostBody.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Lua\Notifications\Light\Large\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\scripts\CoreScripts\Modules\AvatarEditorPrompts\Actions\OpenPrompt.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\scripts\CoreScripts\Modules\DevConsole\Reducers\MemoryData.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Packages\_Index\RoduxShareLinks\RoduxShareLinks\Actions\ClearShareInviteLink.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\NotificationsCommon\RoactRodux.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\textures\TerrainTools\icon_regions_resize.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\Ribbon\Light\Medium\RibbonImageLabel.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\WidgetIcons\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Packages\_Index\FocusNavigation\EventPropagation.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\JestGlobals3.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\textures\MaterialGenerator\material_uploaded.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Packages\_Index\ReactRoblox\ReactRoblox\client\ReactRobloxHostTypes.roblox.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\EditProfile\Dev\Roact.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\Cursors\Dark\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\scripts\CoreScripts\Modules\PlayerList\Components\.robloxrc C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\scripts\CoreScripts\Modules\SelfieView\Flags\GetFFlagSelfieViewEnabled.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\d3dcsx_47.dll C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\Screenshots\Roact.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\CommunityLinks\SharedFlags.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\textures\ui\btn_red.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Packages\_Index\RoduxUsers\RoduxUsers\init.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Packages\_Index\VirtualizedList\VirtualizedList\init.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Lua\AssetManager\Light\Standard\List.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Lua\FileSync\Dark\Large\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\textures\ui\LuaApp\ExternalSite\qq.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\InsertableObjects\Light\Large\Frame.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\WidgetIcons\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Packages\_Index\JestMessageUtil-31ab8d40-3.8.1\PrettyFormat.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\textures\MaterialGenerator\Materials\Fabric.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Packages\_Index\NetworkingAliases-31ab8d40-0.6.3\NetworkingAliases\ALIAS_URL.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\GraphQLServer\Cryo.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Packages\_Index\jtaylor_mock\mock\fmtArgs.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Packages\_Index\ReactSceneUnderstanding\ReactSceneUnderstanding\README.md C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\textures\ui\Controls\PlayStationController\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\CrossExperienceVoice\CrossExperience.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\DiscoverabilityModal\Localization.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\DraggerTools\Dark\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\DraggerTools\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\ProfilePlatform\SocialLuaAnalytics.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Packages\_Index\JestEnvironment\JestEnvironment\init.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\Ribbon\Dark\Medium\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Packages\_Index\ReactRoblox\lock.toml C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\ExtraContent\LuaPackages\Workspace\Packages\_Workspace\GraphQLServer\SharedFlags.lua C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\InsertableObjects\Dark\Standard\ReplicatedFirst.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\Ribbon\Light\Medium\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\textures\ui\dialog_green.png C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
File created C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\content\studio_svg_textures\Shared\InsertableObjects\Light\Standard\[email protected] C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-te.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\_metadata\verified_contents.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagwrn.xml C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-de-1996.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-hu.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_1085414269\manifest.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-tk.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-bg.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_2026340738\Filtering Rules-CA C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C895449F-B7CE-4488-8D67-A70ADAEE27AD}\EDGEMITMP_A7589.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-ml.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_2026340738\Part-ES C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_2026340738\Part-RU C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_1733861122\_metadata\verified_contents.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_872624197\kp_pinslist.pb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_2026340738\Part-NL C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\metadata C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_872624197\ct_config.pb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-la.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-eu.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-ga.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-gu.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-or.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C895449F-B7CE-4488-8D67-A70ADAEE27AD}\EDGEMITMP_A7589.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-de-1901.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_872624197\manifest.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-und-ethi.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\throttle_store.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_1314956817\manifest.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-as.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-de-ch-1901.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_2026340738\manifest.fingerprint C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\297dde21-b6a9-4ac1-96de-fb215994daf9.tmp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C895449F-B7CE-4488-8D67-A70ADAEE27AD}\EDGEMITMP_A7589.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_344126750\manifest.fingerprint C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-pt.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C895449F-B7CE-4488-8D67-A70ADAEE27AD}\EDGEMITMP_A7589.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-bn.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_2026340738\Filtering Rules-AA C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_1314956817\manifest.fingerprint C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-pa.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\manifest.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\msedge_installer.log C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C895449F-B7CE-4488-8D67-A70ADAEE27AD}\EDGEMITMP_A7589.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-be.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_2129894448\manifest.fingerprint C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_1314956817\protocols.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_2026340738\LICENSE C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-sl.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\setuperr.log C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-nn.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_2026340738\manifest.json C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_2129894448\Microsoft.CognitiveServices.Speech.core.dll C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-da.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_810054392\hyph-en-us.hyb C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A

Subvert Trust Controls: Mark-of-the-Web Bypass

defense_evasion
Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\RobloxStudioInstaller.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{24D9EB15-C93F-4014-95D0-FB5ACA65DDD6}\MicrosoftEdgeUpdateSetup_X86_1.3.195.25.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\Temp\EUA1E1.tmp\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\svchost.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Windows\system32\svchost.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\129.0.2792.89\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio-auth\WarnOnOpen = "0" C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\129.0.2792.89\\BHO" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge\InstallerPinned = "0" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\LocalServer32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\LocalizedString = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\msedgeupdate.dll,-3000" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A6B716CB-028B-404D-B72C-50E153DD68DA}\AppID = "{A6B716CB-028B-404D-B72C-50E153DD68DA}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods\ = "12" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\LoadUserSettings = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32\ = "{B019EEF0-C45E-464D-81C8-23283376FB2C}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods\ = "16" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\LocalServer32\ = "\"C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\MicrosoftEdgeUpdateOnDemand.exe\"" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ = "IAppBundleWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\MSEdgePDF\shell\runas C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.Update3COMClassService" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{9A6B447A-35E2-4F6B-A87B-5DEEBBFDAD17}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9F3F5F5D-721A-4B19-9B5D-69F664C1A591} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\Programmable\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\MSEdgeHTM\Application\AppUserModelId = "MSEdge" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\VersionIndependentProgID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\NumMethods\ = "10" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ = "C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.195.25\\psmachine.dll" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ = "IProcessLauncher2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\MSEdgePDF\shell\open C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F7B3738C-9BCA-4B14-90B7-89D0F3A3E497} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ = "IAppVersionWeb" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio-auth\shell\open C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods\ = "16" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\NumMethods\ = "16" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ = "IProcessLauncher2" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ = "IBrowserHttpRequest2" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\ProxyStubClsid32\ = "{B019EEF0-C45E-464D-81C8-23283376FB2C}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ = "IAppCommand2" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8} C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{C20433B3-0D4B-49F6-9B6C-6EE0FAE07837} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FCE48F77-C677-4012-8A1A-54D2E2BC07BD}\NumMethods\ = "4" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{CECDDD22-2E72-4832-9606-A9B0E5E344B2}\AppID = "{CECDDD22-2E72-4832-9606-A9B0E5E344B2}" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\ProxyStubClsid32\ = "{B019EEF0-C45E-464D-81C8-23283376FB2C}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ProgID\ = "ie_to_edge_bho.IEToEdgeBHO.1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{450CF5FF-95C4-4679-BECA-22680389ECB9}\ProxyStubClsid32\ = "{B019EEF0-C45E-464D-81C8-23283376FB2C}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\PROGID C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}\ = "PDF Preview Handler" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2410826464-2353372766-2364966905-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Users\Admin\Downloads\AssetBundleExtractor_3.0beta1_64bit\AssetBundleExtractor_3.0beta1_64bit\AssetBundleExtractor.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\NumMethods\ = "24" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32\ = "{B019EEF0-C45E-464D-81C8-23283376FB2C}" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B5977F34-9264-4AC3-9B31-1224827FF6E8}\ = "Microsoft Edge Update Broker Class Factory" C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\NumMethods C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB}\ = "IPolicyStatus5" C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69} C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ProxyStubClsid32 C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\AssetBundleExtractor_3.0beta1_64bit.zip:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 40380.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\RobloxStudioInstaller.exe:Zone.Identifier C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\UABE-master.zip:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxStudioInstaller.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A

Suspicious behavior: LoadsDriver

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Microsoft\Temp\EUA1E1.tmp\MicrosoftEdgeUpdate.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3860 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3312 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 3592 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2432 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 3860 wrote to memory of 2272 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

System policy modification

evasion
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe N/A

Uses Task Scheduler COM API

persistence

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.com

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb74c23cb8,0x7ffb74c23cc8,0x7ffb74c23cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1908 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2148 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2540 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3044 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3052 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4920 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3856 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5776 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5040 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6048 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5988 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaService --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=4880 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6176 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=6188 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4772 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=2648 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7056 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5636 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6844 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1916,8489379445174243728,5470170426018319375,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7016 /prefetch:8

C:\Users\Admin\Downloads\RobloxStudioInstaller.exe

"C:\Users\Admin\Downloads\RobloxStudioInstaller.exe"

C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MicrosoftEdgeWebview2Setup.exe /silent /install

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RDQ2REM1MUQtM0UyMS00OEM1LUFEOTctMTNFM0I3NTAyMDc0fSIgdXNlcmlkPSJ7MkUzNDk2MUUtOTRBMy00NkZCLTlFM0QtQjVGQTVERjlGOTUwfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins0MDg2QkFCMy0wOEUwLTQyRUEtQjYwOS1CRTA0MkZGMTY4Mzh9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0My41NyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc0NzYwNTMzMTYiIGluc3RhbGxfdGltZV9tcz0iNjAwIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{D46DC51D-3E21-48C5-AD97-13E3B7502074}" /silent

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RDQ2REM1MUQtM0UyMS00OEM1LUFEOTctMTNFM0I3NTAyMDc0fSIgdXNlcmlkPSJ7MkUzNDk2MUUtOTRBMy00NkZCLTlFM0QtQjVGQTVERjlGOTUwfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins5OUUwRDQ3Ri1EQUEzLTRDQ0MtQTMwNy1ERTQ2QzgzRjNBMzF9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTIzLjAuNjMxMi4xMjMiIG5leHR2ZXJzaW9uPSIxMjMuMC42MzEyLjEyMyIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc0Nzk5MzMwMDQiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C895449F-B7CE-4488-8D67-A70ADAEE27AD}\MicrosoftEdge_X64_129.0.2792.89.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C895449F-B7CE-4488-8D67-A70ADAEE27AD}\MicrosoftEdge_X64_129.0.2792.89.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C895449F-B7CE-4488-8D67-A70ADAEE27AD}\EDGEMITMP_A7589.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C895449F-B7CE-4488-8D67-A70ADAEE27AD}\EDGEMITMP_A7589.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C895449F-B7CE-4488-8D67-A70ADAEE27AD}\MicrosoftEdge_X64_129.0.2792.89.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C895449F-B7CE-4488-8D67-A70ADAEE27AD}\EDGEMITMP_A7589.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C895449F-B7CE-4488-8D67-A70ADAEE27AD}\EDGEMITMP_A7589.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=129.0.6668.101 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{C895449F-B7CE-4488-8D67-A70ADAEE27AD}\EDGEMITMP_A7589.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=129.0.2792.89 --initial-client-data=0x244,0x248,0x24c,0x220,0x250,0x7ff7902676f0,0x7ff7902676fc,0x7ff790267708

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RDQ2REM1MUQtM0UyMS00OEM1LUFEOTctMTNFM0I3NTAyMDc0fSIgdXNlcmlkPSJ7MkUzNDk2MUUtOTRBMy00NkZCLTlFM0QtQjVGQTVERjlGOTUwfSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins4RDk0QjAzOS1FMTE0LTRDNzgtQTRFRC0yOUQ1NEMxMDc4MUV9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMjkuMC4yNzkyLjg5IiBsYW5nPSIiIGJyYW5kPSIiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSI5IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI3NDg5NzQzMTA3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNzQ4OTg0MzA2MyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc3MjU2NzMyNDMiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5mLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzL2I1M2ZhMjE3LTZmNDQtNDU4NS1hNGVjLTcwZWQzNWYyYWE3Mz9QMT0xNzI5MzYxMTIwJmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PUdxNUN2WmRpQyUyYmpZWk11dUoza2VESGZmbVNISHowR01Nb3ZzdmJlR1dBMzdQQWVoNzljUyUyYlhhRTNvR0N2JTJiMG94c2xVZTlRQzlhMEslMmZNRElUQmNramclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzM5MDM5NTIiIHRvdGFsPSIxNzM5MDM5NTIiIGRvd25sb2FkX3RpbWVfbXM9IjE3MTMzIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iNzcyNTgyMzE2MyIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijc3MzkyNDMwMTYiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjgzNTQwODMyMjMiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIzNjciIGRvd25sb2FkX3RpbWVfbXM9IjIzNTg5IiBkb3dubG9hZGVkPSIxNzM5MDM5NTIiIHRvdGFsPSIxNzM5MDM5NTIiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIwIiBpbnN0YWxsX3RpbWVfbXM9IjYxNDgyIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe

"C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxStudioBeta.exe" -startEvent www.roblox.com/robloxQTStudioStartedEvent -firstLaunch

C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxCrashHandler.exe

"C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\RobloxCrashHandler.exe" --no-rate-limit --crashCounter Win-ROBLOXStudio-Crash --baseUrl https://www.roblox.com --attachment=attachment_0.646.0.6460700_20241012T180647Z_Studio_103EC_last.log=C:\Users\Admin\AppData\Local\Roblox\logs\0.646.0.6460700_20241012T180647Z_Studio_103EC_last.log --attachment=attachment_log_0.646.0.6460700_20241012T180647Z_Studio_103EC_csg3.log=C:\Users\Admin\AppData\Local\Roblox\logs\log_0.646.0.6460700_20241012T180647Z_Studio_103EC_csg3.log --database=C:\Users\Admin\AppData\Local\Roblox\logs\crashes --metrics-dir=C:\Users\Admin\AppData\Local\Roblox\logs\crashes --url=https://upload.crashes.rbxinfra.com/post?format=minidump --annotation=AppVersion=0.646.0.6460700 --annotation=Format=minidump --annotation=HardwareModel= --annotation=HasBootstrapper=true --annotation=InstallFolder=ProgramFilesX86 --annotation=OSPlatform=Windows --annotation=RobloxChannel=production --annotation=RobloxGitHash=12af0990e81bb3dd36d816e6ed69821a32678f83 --annotation=RobloxProduct=RobloxStudio --annotation=StudioVersion=0.646.0.6460700 --annotation=UniqueId=4181595111810247958 --annotation=UseCrashpad=True --annotation=app_arch=x86_64 --annotation=application.version=0.646.0.6460700 --annotation=host_arch=x86_64 --initial-client-data=0x54c,0x5a0,0x5a4,0x4f8,0x538,0x7ff7a5123a58,0x7ff7a5123a70,0x7ff7a5123a88

C:\Windows\System32\GameBarPresenceWriter.exe

"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 646, 0, 6460700" --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --mojo-named-platform-channel-pipe=3104.2528.5034439056606618541

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=129.0.6668.101 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=129.0.2792.89 --initial-client-data=0x180,0x184,0x188,0x15c,0x48,0x7ffb5eca8ee0,0x7ffb5eca8eec,0x7ffb5eca8ef8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --type=gpu-process --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 646, 0, 6460700" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1808,i,4614595634642168532,6319880649904116080,262144 --variations-seed-version --mojo-platform-channel-handle=1804 /prefetch:2

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 646, 0, 6460700" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=1896,i,4614595634642168532,6319880649904116080,262144 --variations-seed-version --mojo-platform-channel-handle=1928 /prefetch:11

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 646, 0, 6460700" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=2156,i,4614595634642168532,6319880649904116080,262144 --variations-seed-version --mojo-platform-channel-handle=2248 /prefetch:13

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --type=renderer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 646, 0, 6460700" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3552,i,4614595634642168532,6319880649904116080,262144 --variations-seed-version --mojo-platform-channel-handle=3580 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --type=renderer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 646, 0, 6460700" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=4112,i,4614595634642168532,6319880649904116080,262144 --variations-seed-version --mojo-platform-channel-handle=4132 /prefetch:1

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --type=renderer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 646, 0, 6460700" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=3584,i,4614595634642168532,6319880649904116080,262144 --variations-seed-version --mojo-platform-channel-handle=3724 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.roblox.com/account/signupredir?ReturnUrl=https%3A%2F%2Fapis.roblox.com%2Foauth%2Fv1%2Fauthorize%3Fclient_id%3D7968549422692352298%26response_type%3Dcode%26redirect_uri%3Droblox-studio-auth%253a%252f%26scope%3Dopenid%2Bcredentials%2Bprofile%2Bage%2Broles%2Bpremium%26state%3DeyJyYW5kb21fc3RyaW5nIjoiV3hYMXJ6RXpqZ1l0b0x1OEplcEFaLUVQY2p1YThRX2xUVVVTeXV5bFdlVSIsInBpZCI6IjMxMDQifQ%253d%253d%26nonce%3Did-roblox%26code_challenge%3DqNr4lyFvua3vbmR0tzbBtefcVCDOWNcepisxZ43JlpI%26code_challenge_method%3DS256%26rlt%3Du14Z2PHE5JZCsqXa3pLsW5qT798iOsAn6-v81B_uf99L89Q8MmTtcz9kt4KVQ1RKUSgdUnuuW0CH2wgpecyxGlqs_-lBpD4m01UoX44Wwt-cvlt9Kr1iLpjI8l_5n89YqbbvJjgCR6Bn4i3VGObP1A

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffb74c23cb8,0x7ffb74c23cc8,0x7ffb74c23cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1984 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2488 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2852 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3584 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3600 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4816 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2112 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3808 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3848 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2540 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5756 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=media.mojom.MediaService --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --lang=en-US --service-sandbox-type=mf_cdm --mojo-platform-channel-handle=3984 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 646, 0, 6460700" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=4904,i,4614595634642168532,6319880649904116080,262144 --variations-seed-version --mojo-platform-channel-handle=2080 /prefetch:14

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4900 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=4812 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 646, 0, 6460700" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=2068,i,4614595634642168532,6319880649904116080,262144 --variations-seed-version --mojo-platform-channel-handle=5044 /prefetch:14

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 646, 0, 6460700" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=784,i,4614595634642168532,6319880649904116080,262144 --variations-seed-version --mojo-platform-channel-handle=4940 /prefetch:14

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 646, 0, 6460700" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=4948,i,4614595634642168532,6319880649904116080,262144 --variations-seed-version --mojo-platform-channel-handle=4992 /prefetch:14

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 646, 0, 6460700" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=5116,i,4614595634642168532,6319880649904116080,262144 --variations-seed-version --mojo-platform-channel-handle=4916 /prefetch:14

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 646, 0, 6460700" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAAhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=780,i,4614595634642168532,6319880649904116080,262144 --variations-seed-version --mojo-platform-channel-handle=4980 /prefetch:10

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 646, 0, 6460700" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=5080,i,4614595634642168532,6319880649904116080,262144 --variations-seed-version --mojo-platform-channel-handle=5044 /prefetch:14

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2136 /prefetch:2

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 646, 0, 6460700" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=4084,i,4614595634642168532,6319880649904116080,262144 --variations-seed-version --mojo-platform-channel-handle=4808 /prefetch:14

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 646, 0, 6460700" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --field-trial-handle=4244,i,4614595634642168532,6319880649904116080,262144 --variations-seed-version --mojo-platform-channel-handle=924 /prefetch:14

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{24D9EB15-C93F-4014-95D0-FB5ACA65DDD6}\MicrosoftEdgeUpdateSetup_X86_1.3.195.25.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{24D9EB15-C93F-4014-95D0-FB5ACA65DDD6}\MicrosoftEdgeUpdateSetup_X86_1.3.195.25.exe" /update /sessionid "{461E2C1B-97C4-4710-8CEF-A2036C1095A2}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NDYxRTJDMUItOTdDNC00NzEwLThDRUYtQTIwMzZDMTA5NUEyfSIgdXNlcmlkPSJ7MkUzNDk2MUUtOTRBMy00NkZCLTlFM0QtQjVGQTVERjlGOTUwfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9InswQ0UxMkEzMy0wRDc5LTRCRDUtOEY2Qi1FQjg2QUQyMDhGRTJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE5NS4yNSIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNjQwNTEzMDM2IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNjQwNTQzMDQxIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMDY0NjY2MzIyOCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzL2E2MDYyMzc1LWYzMDEtNGMzNi05NzRkLWNhZjlhYjI0NmU3Yj9QMT0xNzI5MzYxNDM1JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PW1GJTJiaDNHUW05a09uS2VwdmY1c09qNGltblJKbSUyYjBjckxlTXVsRFJrYzRxSUVWZkxmNXpwYXh1ZzVhb1BQVGNZSW1GYmVBRHBpMm5kWEd2ZXFKS3kxQSUzZCUzZCIgc2VydmVyX2lwX2hpbnQ9IiIgY2RuX2NpZD0iLTEiIGNkbl9jY2M9IiIgY2RuX21zZWRnZV9yZWY9IiIgY2RuX2F6dXJlX3JlZl9vcmlnaW5fc2hpZWxkPSIiIGNkbl9jYWNoZT0iIiBjZG5fcDNwPSIiIGRvd25sb2FkZWQ9IjAiIHRvdGFsPSIwIiBkb3dubG9hZF90aW1lX21zPSI2Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNjQ2NjkzMTkwIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuYi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy9hNjA2MjM3NS1mMzAxLTRjMzYtOTc0ZC1jYWY5YWIyNDZlN2I_UDE9MTcyOTM2MTQzNSZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1tRiUyYmgzR1FtOWtPbktlcHZmNXNPajRpbW5SSm0lMmIwY3JMZU11bERSa2M0cUlFVmZMZjV6cGF4dWc1YW9QUFRjWUltRmJlQURwaTJuZFhHdmVxSkt5MUElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNjYzMDQ4IiB0b3RhbD0iMTY2MzA0OCIgZG93bmxvYWRfdGltZV9tcz0iNTAwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNjQ2NzEzMDQ2IiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNjUxOTYzMzI3IiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PHBpbmcgcj0iLTEiIHJkPSItMSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5MC4wLjgxOC42NiIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGV4cGVyaW1lbnRzPSJjb25zZW50PWZhbHNlIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM3MzIzMDAyMDQzODYzMTAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIxIiBhPSItMSIgcj0iLTEiIGFkPSItMSIgcmQ9Ii0xIi8-PC9hcHA-PGFwcCBhcHBpZD0ie0YzMDE3MjI2LUZFMkEtNDI5NS04QkRGLTAwQzNBOUE3RTRDNX0iIHZlcnNpb249IjEyOS4wLjI3OTIuODkiIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgdXBkYXRlX2NvdW50PSIxIiBsYXN0X2xhdW5jaF90aW1lPSIxMzM3MzIzMDAxMTQ1NDYxMDAiPjx1cGRhdGVjaGVjay8-PHBpbmcgYWN0aXZlPSIxIiBhPSItMSIgcj0iLTEiIGFkPSItMSIgcmQ9Ii0xIiBwaW5nX2ZyZXNobmVzcz0iezUzMDlGMzVDLUZCMDQtNDU5NC1CMzEzLTZDMkJCNDAxQzQyQ30iLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Microsoft\Temp\EUA1E1.tmp\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\Temp\EUA1E1.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{461E2C1B-97C4-4710-8CEF-A2036C1095A2}"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.25\MicrosoftEdgeUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMjUiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NDYxRTJDMUItOTdDNC00NzEwLThDRUYtQTIwMzZDMTA5NUEyfSIgdXNlcmlkPSJ7MkUzNDk2MUUtOTRBMy00NkZCLTlFM0QtQjVGQTVERjlGOTUwfSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7OTVEMEU5OUUtOTQ5OC00MDBCLTkzMTgtQzdDNENEOUY0N0M2fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xOTUuMjUiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3Mjg3NTYzMTciPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEwNjYzNTkzMDYzIi8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3804 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1968,12079269422335929916,13652384076232821557,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe

"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.89\msedgewebview2.exe" --type=renderer --string-annotations=is-enterprise-managed=no --noerrdialogs --user-data-dir="C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView" --webview-exe-name=RobloxStudioBeta.exe --webview-exe-version="0, 646, 0, 6460700" --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --field-trial-handle=2868,i,4614595634642168532,6319880649904116080,262144 --variations-seed-version --mojo-platform-channel-handle=2140 /prefetch:1

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffb74adcc40,0x7ffb74adcc4c,0x7ffb74adcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1744,i,5428138486162043487,1355818682346080223,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1736 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2092,i,5428138486162043487,1355818682346080223,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2100 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2168,i,5428138486162043487,1355818682346080223,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=2192 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3056,i,5428138486162043487,1355818682346080223,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3080 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3324,i,5428138486162043487,1355818682346080223,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3332 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4436,i,5428138486162043487,1355818682346080223,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4452 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4676,i,5428138486162043487,1355818682346080223,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4688 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4684,i,5428138486162043487,1355818682346080223,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4644 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4828,i,5428138486162043487,1355818682346080223,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4840 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4960,i,5428138486162043487,1355818682346080223,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4964 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3760,i,5428138486162043487,1355818682346080223,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=4476 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4360,i,5428138486162043487,1355818682346080223,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3388 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4980,i,5428138486162043487,1355818682346080223,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5056 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5204,i,5428138486162043487,1355818682346080223,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=868 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5384,i,5428138486162043487,1355818682346080223,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=5456 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMjUiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MzhENEIxOTctRkZFMS00OEZBLUIzNkItRUI0MTFGNDNEN0JBfSIgdXNlcmlkPSJ7MkUzNDk2MUUtOTRBMy00NkZCLTlFM0QtQjVGQTVERjlGOTUwfSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7QTkxNzlDRTUtMDU0RS00QTI2LUJEQ0QtMjI1OEIyRUFBNTc4fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7bGhWaTEyUWNrNlNsMHVVMU9CNlkxNTI5YlI2YnNleTQrY3U3ZEh4czZjaz0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTIzLjAuNjMxMi4xMjMiIG5leHR2ZXJzaW9uPSIiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjUiIGluc3RhbGxkYXRldGltZT0iMTcyODMwMjE4MiIgb29iZV9pbnN0YWxsX3RpbWU9IjEzMzcyNzc0OTczODIwMDAwMCI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjIxNzk4NjIiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEzNzY3OTczMDk0Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\MicrosoftEdge_X64_129.0.2792.89.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\MicrosoftEdge_X64_129.0.2792.89.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\MicrosoftEdge_X64_129.0.2792.89.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=129.0.6668.101 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=129.0.2792.89 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff7a5ba76f0,0x7ff7a5ba76fc,0x7ff7a5ba7708

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=129.0.6668.101 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=129.0.2792.89 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff7a5ba76f0,0x7ff7a5ba76fc,0x7ff7a5ba7708

C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe" --msedge --channel=stable --remove-deprecated-packages --verbose-logging --system-level

C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe" --msedge --channel=stable --update-game-assist-package --verbose-logging --system-level

C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=129.0.6668.101 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=129.0.2792.89 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff68a5976f0,0x7ff68a5976fc,0x7ff68a597708

C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=129.0.6668.101 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\129.0.2792.89\Installer\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=129.0.2792.89 --initial-client-data=0x24c,0x250,0x254,0x228,0x258,0x7ff68a5976f0,0x7ff68a5976fc,0x7ff68a597708

C:\Users\Admin\Downloads\AssetBundleExtractor_3.0beta1_64bit\AssetBundleExtractor_3.0beta1_64bit\AssetBundleExtractor.exe

"C:\Users\Admin\Downloads\AssetBundleExtractor_3.0beta1_64bit\AssetBundleExtractor_3.0beta1_64bit\AssetBundleExtractor.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0x104,0x108,0x10c,0xe0,0x110,0x7ffb74adcc40,0x7ffb74adcc4c,0x7ffb74adcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1904,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=1900 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2132,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=2140 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2204,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=2220 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3096,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=3240 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3196,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=3380 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4504,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=4476 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4512,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=4528 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4716,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=4728 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4728,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=4576 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4584,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=4680 /prefetch:8

C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuMjUiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7MzhENEIxOTctRkZFMS00OEZBLUIzNkItRUI0MTFGNDNEN0JBfSIgdXNlcmlkPSJ7MkUzNDk2MUUtOTRBMy00NkZCLTlFM0QtQjVGQTVERjlGOTUwfSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntGQjA3QTQ2NS1FRTM0LTQ3REEtOUE2My1GOERCNzE4OTNBNkN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTk1LjI1IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9IklzT25JbnRlcnZhbENvbW1hbmRzQWxsb3dlZD0lNUIlMjItdGFyZ2V0X2RldiUyMC1taW5fYnJvd3Nlcl92ZXJzaW9uX2NhbmFyeV9kZXYlMjAxMzEuMC4yODcxLjAlMjIlNUQiIGluc3RhbGxhZ2U9IjAiIGNvaG9ydD0icnJmQDAuODYiPjx1cGRhdGVjaGVjay8-PHBpbmcgcmQ9IjY0OTQiIHBpbmdfZnJlc2huZXNzPSJ7NjFGNzM3MzQtOEYxMi00MkYzLTgwMzAtN0Q0QURBNTJENkMxfSIvPjwvYXBwPjxhcHAgYXBwaWQ9Ins1NkVCMThGOC1CMDA4LTRDQkQtQjZEMi04Qzk3RkU3RTkwNjJ9IiB2ZXJzaW9uPSI5MC4wLjgxOC42NiIgbmV4dHZlcnNpb249IjEyOS4wLjI3OTIuODkiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaXNfcGlubmVkX3N5c3RlbT0idHJ1ZSIgbGFzdF9sYXVuY2hfY291bnQ9IjEiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzczMjMwMDIwNDM4NjMxMCI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSIxMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTM3ODM1NDMyMjMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTM3ODM1ODMxNTQiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTM4MTIyMzMwNDMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTM4MjY5NDMyNjUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIzIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjE0MzUzNTEzMDEyIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiB1cGRhdGVfY2hlY2tfdGltZV9tcz0iOTE3IiBkb3dubG9hZGVkPSIxNzM5MDM5NTIiIHRvdGFsPSIxNzM5MDM5NTIiIHBhY2thZ2VfY2FjaGVfcmVzdWx0PSIyIiBpbnN0YWxsX3RpbWVfbXM9IjUyNjQxIi8-PHBpbmcgYWN0aXZlPSIxIiBhZD0iNjQ5NCIgcmQ9IjY0OTQiIHBpbmdfZnJlc2huZXNzPSJ7QkExNEQwRUMtMkJFOC00OTMzLTlFMDItRjlENEY0OTgzNjIzfSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMjkuMC4yNzkyLjg5IiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiIGNvaG9ydD0icnJmQDAuNjkiIHVwZGF0ZV9jb3VudD0iMSIgbGFzdF9sYXVuY2hfY291bnQ9IjEiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzczMjMwMDExNDU0NjEwMCI-PHVwZGF0ZWNoZWNrLz48cGluZyBhY3RpdmU9IjEiIGFkPSI2NDk0IiByZD0iNjQ5NCIgcGluZ19mcmVzaG5lc3M9IntCNkVGQTgyRC01N0UyLTQ4QzQtOTk3My01ODYwRjExRjM3RTh9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4620,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=5040 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3500,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=3740 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=3792,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=3272 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3240,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=4360 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=3776,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=3364 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5132,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=5140 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5560,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=3368 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=4988,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=3316 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3356,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=3360 /prefetch:8

C:\Windows\system32\BackgroundTransferHost.exe

"BackgroundTransferHost.exe" -ServerName:BackgroundTransferHost.13

C:\Windows\System32\oobe\UserOOBEBroker.exe

C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=4448,i,4909627277342047617,7133924142267335655,262144 --variations-seed-version=20241011-130141.903000 --mojo-platform-channel-handle=4916 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
GB 172.217.169.14:80 www.youtube.com tcp
GB 172.217.169.14:80 www.youtube.com tcp
GB 142.250.200.36:80 www.google.com tcp
GB 142.250.200.36:443 www.google.com tcp
US 8.8.8.8:53 138.32.126.40.in-addr.arpa udp
GB 142.250.200.36:443 www.google.com udp
GB 142.250.179.238:443 www.youtube.com tcp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
GB 216.58.201.110:443 consent.google.com tcp
N/A 224.0.0.251:5353 udp
GB 142.250.180.1:443 lh5.googleusercontent.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
GB 216.58.204.78:443 www.youtube.com tcp
GB 216.58.204.78:443 www.youtube.com udp
FI 142.250.150.94:443 id.google.com tcp
GB 142.250.178.22:443 i.ytimg.com tcp
GB 142.250.178.22:443 i.ytimg.com tcp
GB 172.217.169.46:443 www.youtube.com udp
GB 142.250.178.22:443 i.ytimg.com udp
GB 216.58.201.110:443 consent.google.com udp
GB 216.58.212.194:443 googleads.g.doubleclick.net tcp
GB 216.58.212.194:443 googleads.g.doubleclick.net udp
GB 142.250.200.6:443 static.doubleclick.net tcp
GB 216.58.201.110:443 consent.google.com udp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
GB 128.116.119.4:443 www.roblox.com tcp
GB 128.116.119.4:443 www.roblox.com tcp
GB 2.18.190.79:443 css.rbxcdn.com tcp
GB 2.18.190.79:443 css.rbxcdn.com tcp
GB 2.18.190.79:443 css.rbxcdn.com tcp
GB 2.18.190.79:443 css.rbxcdn.com tcp
GB 2.18.190.79:443 css.rbxcdn.com tcp
GB 2.18.190.79:443 css.rbxcdn.com tcp
DE 18.66.248.81:443 static.rbxcdn.com tcp
GB 2.19.117.6:443 js.rbxcdn.com tcp
GB 2.19.117.6:443 js.rbxcdn.com tcp
GB 2.19.117.6:443 js.rbxcdn.com tcp
GB 2.19.117.6:443 js.rbxcdn.com tcp
GB 2.19.117.6:443 js.rbxcdn.com tcp
GB 2.19.117.6:443 js.rbxcdn.com tcp
GB 128.116.119.4:443 www.roblox.com tcp
GB 128.116.119.4:443 www.roblox.com tcp
GB 2.19.117.28:443 apis.rbxcdn.com tcp
GB 2.18.190.79:443 css.rbxcdn.com tcp
GB 2.18.190.75:443 images.rbxcdn.com tcp
GB 2.18.190.75:443 images.rbxcdn.com tcp
GB 2.18.190.75:443 images.rbxcdn.com tcp
GB 2.18.190.75:443 images.rbxcdn.com tcp
GB 2.18.190.75:443 images.rbxcdn.com tcp
GB 2.18.190.75:443 images.rbxcdn.com tcp
FR 128.116.122.3:443 roblox.com tcp
DE 18.173.233.50:443 arkoselabs.roblox.com tcp
DE 18.154.63.35:80 crt.rootg2.amazontrust.com tcp
DE 18.66.248.11:443 js.rbxcdn.com tcp
GB 2.18.190.80:443 css.rbxcdn.com tcp
GB 2.18.190.75:443 images.rbxcdn.com tcp
GB 2.18.190.80:443 css.rbxcdn.com tcp
US 8.8.8.8:53 premiumfeatures.roblox.com udp
US 8.8.8.8:53 create.roblox.com udp
DE 18.173.233.73:443 create.roblox.com tcp
DE 18.173.233.73:443 create.roblox.com tcp
US 8.8.8.8:53 o293668.ingest.sentry.io udp
US 34.120.195.249:443 o293668.ingest.sentry.io tcp
US 8.8.8.8:53 webblox.roblox.com udp
DE 18.154.63.128:443 webblox.roblox.com tcp
US 8.8.8.8:53 economy.roblox.com udp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
US 8.8.8.8:53 users.roblox.com udp
DE 18.154.63.128:443 webblox.roblox.com tcp
DE 18.66.248.50:443 clientsettingscdn.roblox.com tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 73.233.173.18.in-addr.arpa udp
US 8.8.8.8:53 232.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 249.195.120.34.in-addr.arpa udp
US 8.8.8.8:53 128.63.154.18.in-addr.arpa udp
US 8.8.8.8:53 50.248.66.18.in-addr.arpa udp
US 8.8.8.8:53 14.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 games.roblox.com udp
US 8.8.8.8:53 thumbnails.roblox.com udp
US 8.8.8.8:53 tr.rbxcdn.com udp
GB 2.19.117.106:443 tr.rbxcdn.com tcp
GB 2.19.117.106:443 tr.rbxcdn.com tcp
GB 2.19.117.106:443 tr.rbxcdn.com tcp
GB 2.19.117.106:443 tr.rbxcdn.com tcp
GB 2.19.117.106:443 tr.rbxcdn.com tcp
GB 2.19.117.106:443 tr.rbxcdn.com tcp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 106.117.19.2.in-addr.arpa udp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 clientsettings.roblox.com udp
US 8.8.8.8:53 setup.rbxcdn.com udp
DE 18.154.63.34:443 setup.rbxcdn.com tcp
DE 18.154.63.34:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 34.63.154.18.in-addr.arpa udp
US 8.8.8.8:53 ecsv2.roblox.com udp
GB 128.116.119.4:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 clientsettingscdn.roblox.com udp
DE 18.66.248.17:443 clientsettingscdn.roblox.com tcp
DE 18.154.63.34:443 setup.rbxcdn.com tcp
US 8.8.8.8:53 17.248.66.18.in-addr.arpa udp
DE 18.154.63.34:443 setup.rbxcdn.com tcp
DE 18.154.63.34:443 setup.rbxcdn.com tcp
N/A 127.0.0.1:50838 tcp
N/A 127.0.0.1:50842 tcp
N/A 127.0.0.1:50866 tcp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
NL 4.175.87.113:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 113.87.175.4.in-addr.arpa udp
US 8.8.8.8:53 msedge.f.tlu.dl.delivery.mp.microsoft.com udp
GB 2.19.117.74:80 msedge.f.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 74.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 cxcs.microsoft.net udp
GB 92.123.128.139:443 www.bing.com tcp
GB 23.213.251.133:443 cxcs.microsoft.net tcp
US 8.8.8.8:53 139.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 133.251.213.23.in-addr.arpa udp
GB 128.116.119.4:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:51318 tcp
DE 18.66.248.78:443 clientsettingscdn.roblox.com tcp
N/A 127.0.0.1:51326 tcp
N/A 127.0.0.1:51348 tcp
GB 128.116.119.4:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:51352 tcp
US 8.8.8.8:53 apis.roblox.com udp
GB 128.116.119.4:443 apis.roblox.com tcp
US 8.8.8.8:53 78.248.66.18.in-addr.arpa udp
GB 128.116.119.4:443 client-telemetry.roblox.com tcp
US 8.8.8.8:53 ephemeralcounters.api.roblox.com udp
GB 128.116.119.4:443 ephemeralcounters.api.roblox.com tcp
N/A 127.0.0.1:51362 tcp
N/A 127.0.0.1:51367 tcp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
US 8.8.8.8:53 apis.roblox.com udp
GB 128.116.119.4:443 apis.roblox.com tcp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 www.roblox.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 css.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 static.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 js.rbxcdn.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
US 8.8.8.8:53 images.rbxcdn.com udp
GB 2.18.190.80:443 css.rbxcdn.com tcp
GB 2.18.190.80:443 css.rbxcdn.com tcp
GB 2.18.190.80:443 css.rbxcdn.com tcp
GB 2.18.190.80:443 css.rbxcdn.com tcp
GB 2.18.190.80:443 css.rbxcdn.com tcp
GB 2.18.190.80:443 css.rbxcdn.com tcp
DE 18.66.248.81:443 static.rbxcdn.com tcp
DE 18.66.248.6:443 js.rbxcdn.com tcp
DE 18.66.248.6:443 js.rbxcdn.com tcp
DE 18.66.248.6:443 js.rbxcdn.com tcp
DE 18.66.248.6:443 js.rbxcdn.com tcp
DE 18.66.248.6:443 js.rbxcdn.com tcp
DE 18.66.248.6:443 js.rbxcdn.com tcp
DE 108.157.4.72:443 images.rbxcdn.com tcp
US 8.8.8.8:53 roblox.com udp
US 8.8.8.8:53 roblox.com udp
GB 2.18.190.80:443 css.rbxcdn.com tcp
US 8.8.8.8:53 metrics.roblox.com udp
US 8.8.8.8:53 metrics.roblox.com udp
GB 128.116.119.4:443 metrics.roblox.com tcp
US 8.8.8.8:53 apis.rbxcdn.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
GB 2.19.117.27:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
US 8.8.8.8:53 6.248.66.18.in-addr.arpa udp
US 8.8.8.8:53 72.4.157.108.in-addr.arpa udp
US 8.8.8.8:53 27.117.19.2.in-addr.arpa udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google tcp
US 8.8.8.8:443 dns.google udp
US 8.8.8.8:53 www.roblox.com udp
GB 128.116.119.4:443 www.roblox.com tcp
US 8.8.8.8:53 static.rbxcdn.com udp
GB 2.18.190.70:443 static.rbxcdn.com tcp
US 8.8.8.8:53 70.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 apis.roblox.com udp
GB 128.116.119.4:443 apis.roblox.com tcp
US 8.8.8.8:53 locale.roblox.com udp
US 8.8.8.8:53 apis.rbxcdn.com udp
GB 2.19.117.28:443 apis.rbxcdn.com tcp
US 8.8.8.8:53 auth.roblox.com udp
US 8.8.8.8:53 ecsv2.roblox.com udp
GB 128.116.119.4:443 ecsv2.roblox.com tcp
GB 128.116.119.4:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:52090 tcp
N/A 127.0.0.1:52093 tcp
GB 128.116.119.4:443 ecsv2.roblox.com tcp
US 8.8.8.8:443 dns.google udp
US 13.107.21.239:443 tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 239.21.107.13.in-addr.arpa udp
GB 2.19.117.74:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 ncs.roblox.com udp
US 8.8.8.8:53 arkoselabs.roblox.com udp
DE 18.173.233.44:443 arkoselabs.roblox.com tcp
US 8.8.8.8:53 arkoselabs.roblox.com udp
US 8.8.8.8:53 44.233.173.18.in-addr.arpa udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 13.107.21.239:443 tcp
US 13.107.21.239:443 tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google udp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 52.252.28.242:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 msedge.b.tlu.dl.delivery.mp.microsoft.com udp
US 199.232.214.172:80 msedge.b.tlu.dl.delivery.mp.microsoft.com tcp
US 8.8.8.8:53 242.28.252.52.in-addr.arpa udp
US 8.8.8.8:53 172.214.232.199.in-addr.arpa udp
GB 128.116.119.4:443 ecsv2.roblox.com tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:443 dns.google udp
GB 128.116.119.4:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:52909 tcp
GB 128.116.119.4:443 ecsv2.roblox.com tcp
N/A 127.0.0.1:52912 tcp
US 8.8.8.8:53 ephemeralcounters.api.roblox.com udp
GB 128.116.119.4:443 ephemeralcounters.api.roblox.com tcp
US 8.8.8.8:53 dns.google udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google udp
GB 142.250.200.36:443 www.google.com udp
US 8.8.8.8:53 227.16.217.172.in-addr.arpa udp
GB 142.250.200.36:443 www.google.com tcp
US 8.8.8.8:53 ogads-pa.googleapis.com udp
US 8.8.8.8:53 apis.google.com udp
GB 216.58.213.10:443 ogads-pa.googleapis.com udp
GB 142.250.179.238:443 apis.google.com udp
GB 216.58.213.10:443 ogads-pa.googleapis.com tcp
US 8.8.8.8:53 3.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 10.213.58.216.in-addr.arpa udp
GB 216.58.201.110:443 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 172.217.169.78:443 clients2.google.com udp
GB 172.217.169.78:443 clients2.google.com tcp
US 8.8.8.8:53 dns-tunnel-check.googlezip.net udp
US 8.8.8.8:53 tunnel.googlezip.net udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 216.58.213.10:443 ogads-pa.googleapis.com tcp
GB 216.58.213.10:443 ogads-pa.googleapis.com udp
US 8.8.8.8:53 157.34.239.216.in-addr.arpa udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 216.58.201.110:443 consent.google.com tcp
GB 142.250.200.36:443 www.google.com udp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.111.133:443 avatars.githubusercontent.com tcp
US 185.199.111.133:443 avatars.githubusercontent.com tcp
US 185.199.111.133:443 avatars.githubusercontent.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 133.111.199.185.in-addr.arpa udp
US 8.8.8.8:53 154.108.199.185.in-addr.arpa udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.204.74:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 collector.github.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 api.github.com udp
US 140.82.113.21:443 collector.github.com tcp
US 140.82.113.21:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
GB 216.58.204.74:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 21.113.82.140.in-addr.arpa udp
GB 216.58.204.74:443 content-autofill.googleapis.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.216:443 codeload.github.com tcp
US 8.8.8.8:53 avatars.githubusercontent.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 e2c67.gcp.gvt2.com udp
DE 34.32.10.90:443 e2c67.gcp.gvt2.com tcp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 beacons.gvt2.com udp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 185.199.110.133:443 objects.githubusercontent.com tcp
US 8.8.8.8:53 msedge.api.cdp.microsoft.com udp
US 172.169.87.222:443 msedge.api.cdp.microsoft.com tcp
US 8.8.8.8:53 222.87.169.172.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.200.36:443 www.google.com udp
GB 142.250.200.36:443 www.google.com tcp
GB 216.58.213.10:443 ogads-pa.googleapis.com udp
GB 216.58.213.10:443 ogads-pa.googleapis.com tcp
US 8.8.8.8:53 play.google.com udp
GB 216.58.201.110:443 play.google.com udp
GB 216.58.201.110:443 play.google.com tcp
GB 172.217.169.78:443 clients2.google.com udp
GB 172.217.169.78:443 clients2.google.com tcp
US 8.8.8.8:53 id.google.com udp
GB 216.58.212.195:443 id.google.com tcp
GB 216.58.213.10:443 ogads-pa.googleapis.com udp
US 216.239.34.157:443 tunnel.googlezip.net tcp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
GB 216.58.213.10:443 ogads-pa.googleapis.com tcp
US 216.239.34.157:443 tunnel.googlezip.net tcp
GB 216.58.201.110:443 play.google.com udp
US 8.8.8.8:53 a.apkpure.com udp
US 8.8.8.8:53 static.apkpure.com udp
US 8.8.8.8:53 image.winudf.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 t3.cdnpure.com udp
US 104.22.4.119:443 static.apkpure.com tcp
US 8.8.8.8:53 cdnpure.com udp
US 104.22.4.119:443 download.apkpure.com tcp
US 104.22.4.119:443 download.apkpure.com tcp
US 104.26.15.200:443 cdnpure.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 104.22.4.119:443 i.apkpure.com tcp
US 104.22.4.119:443 i.apkpure.com tcp
US 104.22.4.119:443 i.apkpure.com tcp
US 104.22.4.119:443 i.apkpure.com tcp
US 104.22.4.119:443 i.apkpure.com tcp
US 104.22.4.119:443 i.apkpure.com tcp
US 104.22.4.119:443 i.apkpure.com tcp
US 104.22.4.119:443 i.apkpure.com tcp
US 104.22.4.119:443 i.apkpure.com tcp
US 104.26.9.22:443 image.winudf.com tcp
US 104.26.9.22:443 image.winudf.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 104.26.14.200:443 cdnpure.com tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
US 104.22.4.119:443 i.apkpure.com tcp
US 104.22.4.119:443 i.apkpure.com tcp
US 104.26.14.200:443 cdnpure.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 173.194.69.84:443 accounts.google.com tcp
US 8.8.8.8:53 a.cdnpure.com udp
US 8.8.8.8:53 r.cdnpure.com udp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 216.239.32.36:443 region1.analytics.google.com tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
BE 74.125.206.157:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 ampcid.google.com udp
GB 142.250.180.3:443 www.google.co.uk tcp
GB 142.250.187.238:443 ampcid.google.com tcp
GB 172.217.169.78:443 fundingchoicesmessages.google.com tcp
US 8.8.8.8:53 119.4.22.104.in-addr.arpa udp
US 8.8.8.8:53 200.15.26.104.in-addr.arpa udp
US 8.8.8.8:53 14.24.17.104.in-addr.arpa udp
US 8.8.8.8:53 22.9.26.104.in-addr.arpa udp
US 8.8.8.8:53 66.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 200.14.26.104.in-addr.arpa udp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 84.69.194.173.in-addr.arpa udp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 157.206.125.74.in-addr.arpa udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
GB 172.217.169.78:443 fundingchoicesmessages.google.com udp
GB 172.217.169.78:443 fundingchoicesmessages.google.com udp
HK 129.226.103.123:443 svibeacon.onezapp.com tcp
HK 129.226.103.123:443 svibeacon.onezapp.com tcp
HK 129.226.103.123:443 svibeacon.onezapp.com tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
GB 216.58.204.65:443 tpc.googlesyndication.com tcp
GB 216.58.204.65:443 tpc.googlesyndication.com tcp
GB 142.250.200.36:443 www.google.com tcp
GB 216.58.204.65:443 tpc.googlesyndication.com udp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
GB 142.250.200.36:443 www.google.com udp
US 216.239.32.36:443 region1.analytics.google.com udp
HK 129.226.103.123:443 svibeacon.onezapp.com tcp
HK 129.226.103.123:443 svibeacon.onezapp.com tcp
HK 129.226.103.123:443 svibeacon.onezapp.com tcp
GB 142.250.200.2:443 www.googletagservices.com tcp
GB 216.58.204.66:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 d.apkpure.com udp
HK 129.226.103.123:443 svibeacon.onezapp.com tcp
GB 216.58.204.66:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 1f685698ff04d7dd1a32cbe9f50d4cf6.safeframe.googlesyndication.com udp
GB 142.250.180.1:443 1f685698ff04d7dd1a32cbe9f50d4cf6.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 66.204.58.216.in-addr.arpa udp
HK 129.226.103.123:443 svibeacon.onezapp.com tcp
US 23.237.196.58:443 d-e02.winudf.com tcp
US 8.8.8.8:53 cms.quantserve.com udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 match.prod.bidr.io udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
US 8.8.8.8:53 pr-bh.ybp.yahoo.com udp
US 35.71.131.137:443 match.adsrvr.org tcp
IE 63.32.13.113:443 pr-bh.ybp.yahoo.com tcp
GB 142.250.200.2:443 cm.g.doubleclick.net tcp
DE 91.228.74.200:443 cms.quantserve.com tcp
IE 34.246.145.201:443 match.prod.bidr.io tcp
US 8.8.8.8:53 58.196.237.23.in-addr.arpa udp
US 8.8.8.8:53 137.131.71.35.in-addr.arpa udp
US 8.8.8.8:53 200.74.228.91.in-addr.arpa udp
US 8.8.8.8:53 201.145.246.34.in-addr.arpa udp
US 8.8.8.8:53 113.13.32.63.in-addr.arpa udp
GB 142.250.200.2:443 cm.g.doubleclick.net udp
GB 172.217.169.67:443 beacons.gvt2.com udp
GB 172.217.169.67:443 beacons.gvt2.com tcp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com tcp
GB 163.70.151.35:443 www.facebook.com tcp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 35.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
GB 163.70.151.21:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 facebook.com udp
GB 163.70.151.21:443 static.xx.fbcdn.net udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.201.106:443 content-autofill.googleapis.com tcp
GB 216.58.201.106:443 content-autofill.googleapis.com tcp
GB 163.70.151.35:443 facebook.com udp
US 8.8.8.8:53 106.201.58.216.in-addr.arpa udp
GB 216.58.204.66:443 securepubads.g.doubleclick.net udp
GB 142.250.200.2:443 cm.g.doubleclick.net udp
HK 129.226.103.123:443 svibeacon.onezapp.com tcp
HK 129.226.103.123:443 svibeacon.onezapp.com tcp
US 216.239.32.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
HK 129.226.103.123:443 svibeacon.onezapp.com tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 google.com udp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
GB 172.217.169.3:443 beacons.gcp.gvt2.com tcp
GB 172.217.169.3:443 beacons.gcp.gvt2.com tcp
GB 142.250.180.3:443 www.google.co.uk udp
GB 216.58.212.238:443 google.com tcp
GB 172.217.169.78:443 fundingchoicesmessages.google.com udp
US 8.8.8.8:53 e2c6.gcp.gvt2.com udp
GB 172.217.169.78:443 fundingchoicesmessages.google.com udp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
US 216.239.32.36:443 region1.analytics.google.com udp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.200.36:443 www.google.com udp
US 8.8.8.8:53 a.tribalfusion.com udp
US 8.8.8.8:53 um.simpli.fi udp
US 8.8.8.8:53 x.bidswitch.net udp
GB 142.250.200.2:443 cm.g.doubleclick.net udp
NL 35.204.158.49:443 um.simpli.fi tcp
GB 216.58.204.66:443 securepubads.g.doubleclick.net tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
NL 35.204.158.49:443 um.simpli.fi tcp
GB 216.58.204.66:443 securepubads.g.doubleclick.net tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
HK 129.226.103.123:443 svibeacon.onezapp.com tcp
US 8.8.8.8:53 csi.gstatic.com udp
CL 64.233.186.120:443 csi.gstatic.com tcp
GB 172.217.169.3:443 beacons.gcp.gvt2.com udp
GB 216.58.204.65:443 tpc.googlesyndication.com udp
US 172.64.150.63:443 a.tribalfusion.com tcp
US 172.64.150.63:443 a.tribalfusion.com tcp
NL 35.214.136.108:443 x.bidswitch.net udp
US 8.8.8.8:53 49.158.204.35.in-addr.arpa udp
US 8.8.8.8:53 108.136.214.35.in-addr.arpa udp
US 8.8.8.8:53 63.150.64.172.in-addr.arpa udp
US 8.8.8.8:53 p.rfihub.com udp
CL 64.233.186.120:443 csi.gstatic.com tcp
NL 193.0.160.130:443 p.rfihub.com tcp
CL 64.233.186.120:443 csi.gstatic.com tcp
GB 104.86.110.105:443 tcp
GB 104.86.110.105:443 tcp
US 216.239.32.36:443 region1.analytics.google.com udp
IN 34.93.91.7:443 e2c6.gcp.gvt2.com tcp
IN 34.93.91.7:443 e2c6.gcp.gvt2.com tcp
US 8.8.8.8:53 r.bing.com udp
GB 92.123.128.177:443 r.bing.com tcp
GB 92.123.128.177:443 r.bing.com tcp
GB 92.123.128.177:443 r.bing.com tcp
GB 92.123.128.177:443 r.bing.com tcp
GB 92.123.128.177:443 r.bing.com tcp
GB 92.123.128.177:443 r.bing.com tcp
US 8.8.8.8:53 7.91.93.34.in-addr.arpa udp
US 8.8.8.8:53 177.128.123.92.in-addr.arpa udp
GB 172.217.169.3:443 beacons.gcp.gvt2.com tcp
GB 92.123.128.178:443 www.bing.com tcp
US 8.8.8.8:53 222.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 178.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 t-ring-s.msedge.net udp
US 8.8.8.8:53 254.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 fb-unicast.msedge.net udp
US 13.107.226.64:443 fb-unicast.msedge.net tcp
US 8.8.8.8:53 static-ecst.licdn.com udp
FR 152.199.21.118:443 static-ecst.licdn.com tcp
US 8.8.8.8:53 254.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 64.226.107.13.in-addr.arpa udp
US 8.8.8.8:53 118.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
NL 34.91.62.186:443 um.simpli.fi tcp
US 8.8.8.8:53 186.62.91.34.in-addr.arpa udp
GB 23.213.251.133:443 cxcs.microsoft.net tcp
GB 92.123.128.181:443 www.bing.com tcp
US 8.8.8.8:53 181.128.123.92.in-addr.arpa udp
US 8.8.8.8:53 offers.pchelpsoft.com udp
US 104.18.22.170:443 offers.pchelpsoft.com tcp
US 104.18.22.170:443 offers.pchelpsoft.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
CL 64.233.186.120:443 csi.gstatic.com udp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
US 104.17.25.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 170.22.18.104.in-addr.arpa udp
US 8.8.8.8:53 14.25.17.104.in-addr.arpa udp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.3:443 beacons.gcp.gvt2.com udp
GB 172.217.169.3:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.3:443 beacons.gcp.gvt2.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 1fc959921446fa3ab5813f75ca4d0235
SHA1 0aeef3ba7ba2aa1f725fca09432d384b06995e2a
SHA256 1b1e89d3b2f3da84cc8494d07cf0babc472c426ccb1c4ae13398243360c9d02c
SHA512 899d1e1b0feece25ac97527daddcaaeb069cb428532477849eba43a627502c590261f2c26fef31e4e20efd3d7eb0815336a784c4d2888e05afcf5477af872b06

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 e9a2c784e6d797d91d4b8612e14d51bd
SHA1 25e2b07c396ee82e4404af09424f747fc05f04c2
SHA256 18ddbb93c981d8006071f9d26924ce3357cad212cbb65f48812d4a474c197ce6
SHA512 fc35688ae3cd448ed6b2069d39ce1219612c54f5bb0dd7b707c9e6f39450fe9fb1338cf5bd0b82a45207fac2fbab1e0eae77e5c9e6488371390eab45f76a5df1

\??\pipe\LOCAL\crashpad_3860_BGREIPRLHLWVBIJC

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8ffd488630d111277364aaa61c00ce1f
SHA1 b0a3256e6be47eeda9f56873e837bdd7a7caf204
SHA256 997ca6cd9d1bdce0e1a19e5921e7fa3a30100bbc190ed257b8696587679929ff
SHA512 46a2bfec26837f7e611c685532b515347383fad6aba867ec425c77b27946e158be393f8c84d9276679f535042113184aad554d17a28a3a4ac1df49a60a5c44b9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d5befb60003e57f756e2c3606528c2d8
SHA1 a0229a843e199ef9c566b292658b6731e1c1b1d2
SHA256 275236319e03ad8d00c800408370a309cd0ffd256036b34ba303b9c46a84aac4
SHA512 cdb1837e3d7d5c9652f6ddc4a1f82979c03c85df6f7c11a44823e6093daf49b4988bb6a54d1e33bef9a786eb142754e160f87e87c04b60a9c96c2772bab66048

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a358f877d9c2a26c3ed32c0f90be0866
SHA1 44a2fc4c9b12af24b8e755ab0c72176bfc8c94c3
SHA256 5669f9891acc9471ec618c6033804a7ad450a6bdedbcf174b3dce1ed557849ab
SHA512 b21f040235f2af464b1d6f7741cf57e729ed3473cc7cb7aecc5a9e777205bb2720c004cb4605f57b9d089e336ca269a1dd07044d6d467c0673e6f32cfab4de4c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 2892eee3e20e19a9ba77be6913508a54
SHA1 7c4ef82faa28393c739c517d706ac6919a8ffc49
SHA256 4f110831bb434c728a6895190323d159df6d531be8c4bb7109864eeb7c989ff2
SHA512 b13a336db33299ab3405e13811e3ed9e5a18542e5d835f2b7130a6ff4c22f74272002fc43e7d9f94ac3aa6a4d53518f87f25d90c29e0d286b6470667ea9336ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57c1ba.TMP

MD5 d245df1af473ea250f8e9bf4449bc8b7
SHA1 3f80fc35c694b3139460c6b00ec1b89029a39b41
SHA256 60e81a78ef2df0f8617dd2a5de0fc47b467f7b1a7eac4e5944be6fe7e90e7e30
SHA512 01ff59c292a1d695850afb06a7312122d6e4d0afe71458ac952bfc3b86ea54acae0b73b9fb8afc55cbcb97964b4eba848abb4b06d62a77f6289c1a799c8fbdc5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 03e2cb64e1266e5dff89d1a336af0af6
SHA1 fa2d3ff93494dd8e3f1df358f13c9bd34ef542b5
SHA256 40dba2df9acfcee8ecb85d4e76d8e6a05e1b27f5adef4193ef9900053d9e5176
SHA512 8f6a77ce9b6c423e184c7ed155f41c21ebf9839319ef8339fe58397c02297ae1cb4b7ecd8fd23dab4a21c9d0fcff3da35cbf08e8e5096bcc2117d7b317b1282c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57cb7e.TMP

MD5 d9a4cb8b257ba3c585e097b66b5daa63
SHA1 01f5b7f65f6302ce78c59b36bf5c29954e98cddd
SHA256 5f4bb76465d1ce142a58a3c7cb43f8b8128b0fa8d5cfc0a5fbfa2b315dde1d9d
SHA512 d7821e8d632b0c24fe9969619807d6ecb2efd1c1416f33669cc099593cd90e5fd72a6e722cbf164df88b4797ea511c5125410180395992d5176cd20c545732c9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 c6f8b814d4f5b0c1616f2e178449e0f7
SHA1 94a78938a55c99f29eff2ed24b3e8dd734210b2e
SHA256 64842a86c40b53dd9ff5211224f3c6bc40502f836f7c0bc35b221c1b5303381e
SHA512 bf116761e6d9a06a874f10cbd994b82b139a14a9998d06cae86e48bcb45aaf28409274d4e9ae0760dca8fbc508eca8aca6ef140fb80dee97601c8753030a3fa7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c75da85f40a8bcc637dbdef320e28919
SHA1 6f32214c5e9434767f7e52b344da7df8d30ec313
SHA256 105007be88e8451d43a73126ed9687aa5c65c4e3bf6a9257d1fc5522a0003f6c
SHA512 e0f12d12f596b273f43bc24e34216ede3e40e1d547ec90d566712186e051ef3a73d723876fb5561019d2da463ab65afd656270b8d78581888845e82008075033

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7cf062de2b9030754807201711017275
SHA1 ab8826888f43cf0c2799371120c8dea3d70ec7f5
SHA256 30751548efb90b6765c01166891bc8f0f37591e76e5a9821b337cfd01f899684
SHA512 21f2fc0debf37b4c25248bcd57697ed3275ae45f3cea9031fbbfc6e3b0b11427825f6db06e457b5199c78a1a5596e79ff6172154edd5169e96d65986ea2aee41

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 13cedac5d68aef7525a5a5c246ba115a
SHA1 9ebf5634c2a20f8656b4f47f3653388fecd19100
SHA256 5a7f65bb24185cb17cec27b42965dfa115653b774233c7f5be9e805f3a4c1a6b
SHA512 260eca3dc262cbacb5c811353e0f7ad3f8f5b630ef30ec9d42fe6c31cad4c914b5f64b8b1e5cba79b0d1eaface256dfd21378d88871f9a4a63a2789f63b13afc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3cd379f2845f969beafc84171bf288fc
SHA1 e90d06ccb8ec7eb5c1b515ef925834a45a95b780
SHA256 44f8238d1936d5d7d6574906bd4591d5c466a2c2f69d403c84bdcc94a354e999
SHA512 f40816b2462b83ef7ee56ebb2915af082338d0fd58a91eed53eff6a2925148800dc11f3b2f9241e0a121a68c77e090c11ad9a84ba395da1382b565f331be9ece

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 64fde5d1d8a5f56bac4a40fbd7af6989
SHA1 ef8e1c582afafaa38c79fda2abcbb0f0abb16a4c
SHA256 0240befba0dd4a7af8781ba01979ba0e39ad431df33db80e8a3c15181e8f64f0
SHA512 ef0483d11d9f4eb9573ac703982e0b990ac40fdfb24eaeaa1e5fafb76b1811c8d97bdcc629ba84478b8f44299be65beb5beef8635a676c404d3d47d7c2c9e5ad

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 4007a2e1c1029e6d5919a5f7fa5aa318
SHA1 e2f085150d0fdb918d182b0601c5703f8e8c1639
SHA256 f41fc03d23cc405b7ff719d6e915eb20af04e52a26b656a34cd5f7b9f564a59f
SHA512 fbb3c6edc7b9fdbf3feb72eb90fe3f637bae00b363c3b442983f573d37c2e044c36176b51042ebb499b8c7831b8ea54f69e695e07cfbafe2ed140bc9326fbcd7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 1357721a81981145888e5fab597fd383
SHA1 7625909f0e10c00024a5212bc710d3d31e72c991
SHA256 dc4b2656df1ebb6b9bdc9f4326bb8848ec577181be0eeb025dff5cfdc193069e
SHA512 632729534795e37bd36818beb6de682fb27781374968448b8d5aa6efcfb15c014b52b2e2019745a4b4133c524bf4d91dd93b9612dabd0d3ad1587e571d10f899

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6d28d651015c9d6e415693d9e7bdfe8b
SHA1 ef849d2391acf8355da9f34b73f8d310b508b926
SHA256 dfa266927edca933e7b1a47360e97e5cabab6dac952ef3cc9182e3332bc779d9
SHA512 fae1254f15ad422a476e6e8c49d6bc77bf2ea9522712ad840aa87918447405cad3dd3c41b9f7990a43e3297667b6aa7af5d45179300d4928b2bac09f7a4dce95

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bd72b5ea926f136670ecf3e3d9a8ef08
SHA1 34096d251477f0e87d58492789b6f85d3785211a
SHA256 ec6b6d3d25930c087a06a96075ffb591c89ec4964a6adf4096e291f0980944cc
SHA512 ec7083a89c7af7948143bb4bb206f3ed6a761f50acf2add8dcb69eb0f63948139db21c73393c7da1a61164d6f201cc86f64a791da07fd26d8b5a5bb6655fdff7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 943df2c3f045e2a04aa2fbba8432e408
SHA1 1cb1f4888b053b442652649415a62224d9c79346
SHA256 55ca44b229e35063849a89e6eb41b59e1c0ca18b8a96e9e2e3ac092a6586e537
SHA512 f53da179a0021498351646fd96d884c313f9df447da6e7ddc42ec86663acb9d7f90f415dd505955f08f1e13aceb6f71f128e5bd0300e2aad68ee5429ff727670

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 771f9ba5c0e9846ae66f33a2ed4bcb61
SHA1 c57e89900f77d257d1cc25ec33a74a260b2d419c
SHA256 f26f679e2bb66cfb3706fb538361699d1493f01a1902420094c7cd6fef616b48
SHA512 0bc5b703df2bd4e54e0095a8cfa233116c157afc9fc0275b51e90447dfa7fa75e17de046de081a68256b1f6c7698ead3de292c909a876c4b17fb4f579288c4df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ad421a692bb5987d2f5f44f0ac8e1f72
SHA1 ac5517ca60e938b67256ffac50791f5d174bfe8f
SHA256 edff152c15ce6824bb38bde68abd6f51efc991c3ca39a82cdece047467a18a33
SHA512 c95977573a90b8efb221d390df7eb115a61a198172187751b2073776e7b8007011f4ec2e34c6b3d4db852a8d1f3183ae2ed83c131606e12756cea4845a449e04

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 a22ecbea9c7ac8a043ebd751d504fffd
SHA1 07b3adff3563b54c0ad6aef9d2e02b345d5575b5
SHA256 ca759a4ca0b87a25562f652d08d934bc232148c6e45d7521f3574f316391cba9
SHA512 364bb86d38ead15079ef0144cc561d2f1978af843b2c649783ac163e6de148b775320be65824220ded9e0852ffa2263802218001d0de5c92334ceefe5b9d15dd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 82dae8af66c76f8c29d04de9afc13403
SHA1 04072fb3e64dc6eac402ed48638c03aa942ff4f5
SHA256 615ec58672d6df346bbcd4df10b6c8eacc4f686325d5611e8c9bcfa78b0d09c1
SHA512 6ec261d39f95865b2e09bcb4330f569dc045064f7214d221b727145781285402e43494f1147b7754353a098550b397e67f02a8d740fbf1545988572fdac9eaa3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 408568aa2282b8e680f88c1f9af5a94b
SHA1 0ea580d07b1224864865d03a831cd70d8abe3455
SHA256 98b7f38b34ac951111957764fee74af1a01cae49edf86c8c80745c7fd6583744
SHA512 40e9928b782af93aa693e1c6a21f16be4fe7087586c6b86ba749c8fe3b9157e29cc5511f7e6e022b612ef6aa8ac0a20ee3c8cdb59eaf98bf4ee27172a3788f20

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001b

MD5 f15bbb2edb3e90d2e50a1bd3f91cd22e
SHA1 c2404c061672b62390a6934755563bc873d439d1
SHA256 b1c79ea27e509be44a0d71da02d4944c75e614756af2c9e16f20731ee533986a
SHA512 c2a8083652ac01d6477ba8e4f136ca5cc59665914a94eaa20d17c6855cbd87b1a12e5d0feb8c920136beaa32994e345ba8614a4817b632d6d216c284673269f9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 74c49905d862382fb9c4cbbff02b2421
SHA1 97160950363ef45611dcf64d1f7980de5df09802
SHA256 691b766de16107ff3c520163a8c99e9e51edb19c8aa00f9ef03c9b61f80d3e47
SHA512 365ecfabf16aae78e7ad3d0e0be186ac3416d5b1f21ffbc3663870b2b4a6cb89ee3cd5b21905d0f2e656dc1f35cc1133af5a2abd3c1cf0b2d852946cc2251c62

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 55bf412b3dcb9cd386226041693b8a2f
SHA1 2624959b0d1ad6c05add3b000a4fadd205161c9e
SHA256 0a2826ca7fb2c26622a9827f1ce61c07db00c24fd77f75084dc249bcc865ccf2
SHA512 5e6ed319049f1320022d0effc8d00bfdcd3ce72e9ed8a3179f2fba6506851f6b1ed4a3e857f9ff4b167a3a54a4b95b1d255f377506c595c907425f130a6bdc42

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 446252b969857153142dcc694493d221
SHA1 dae390aab24d52f096a5485c65d7cd5baad0ee4f
SHA256 d514da497e3489941d3e06f5d87fe217be7d51a64f1ca4f5111d25f5b4c70122
SHA512 37e49d38e3dde5b1032ae5fe8bca438c37658d55abc6bf0f5e8d181c30af18232a906febb0678a2f39bb71409e9cbc9558c069bd5c43a7cd15d031216b5129a5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 4b9f82780b442dbdbe2a4bb0f7edcf79
SHA1 02cde37ffdd57d2586eac72bff6f19d1afb66423
SHA256 89dc1e9248e6a55a9a60fbf45144e70fc6332eb7e6f69fd3523a0acbd339962c
SHA512 4dcafebc80101a922c50cb4c550643e440cc6437768c7ce05d042689db148c64d72c5f56160e8ea567785d5c573fbd20638a73e1bda3aff224f1173eb967516b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 640a4c04bf40fe5c7571cc4259ebe939
SHA1 e1ef07717325c6db15f83552d8355e99a57a1c4d
SHA256 868a6fc95a731ea1f3e1ce0d62fc72fffad02c9d19418d739b6c2cacf830529d
SHA512 6a0794f586faf24ca4de634cd29cbb485623b11cba22ebc68190af292cf1604749f2a9f2557c4a67169511b213235d0b6c3cc340a03733ac4191c864ebd8d502

C:\Users\Admin\Downloads\Unconfirmed 40380.crdownload

MD5 5b794d63ae37a70dafde076b14f13960
SHA1 c61ff3b39739803048232dbfb8fcd18d4feedeb9
SHA256 a9de88a9e0ef908e7683cbb26e3b9d203c3db4de03f16220a219b3f4d61ce402
SHA512 5be5ca2fadc8e970cb13b3b99662d4ea65dd6766579ef9776b8a958675d04afd0199b136e55a73907f2bf43880a539e08b4815f3dc56b0d4e6a82339ec60c63e

C:\Users\Admin\Downloads\RobloxStudioInstaller.exe:Zone.Identifier

MD5 fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1 d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256 eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512 aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a4d98e944268f86f6da4452d27854747
SHA1 96ce524122e9c22b750ff3308aa8c046d632dad5
SHA256 8eea8a177dfbd9e1f46aa64e20ed78af8db879e91d4e181ead0100b15a113cf2
SHA512 b13af7f404eaa21b8a598aac1500aff1e535f7e688e7c1eb4eb342e15e7ef439708dbd0f4d2a550ee76f0c0d4a49cad0fac63606e8def13ccac9a5baa2c228a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a998e8a87464343ade1167a6049b934e
SHA1 dce14d5983f736e0aad2bbfb2232b4b5d5f49e37
SHA256 34fed6ce33011b3c400bd0c59d2bd6675e4fdff9c5c9922232dfc85e2a0aa619
SHA512 30c2eb35b9e6302014538839ca73bc3f05fe995093222aa4a62f5bb0de308a90051ca4075f11f5cfc688fbfa7391797cfa3650da56adc3ad3fcdbe08bdc4aebf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 4e3d91f62d5839541b519269931fdde2
SHA1 ee8c83a08443b31b55425909be77c21d13c2c0e0
SHA256 95acce0c817a4b38b363d5acfed255ecb913b88922ac4093790dbc8ef040806d
SHA512 e3742919c77cdced8be0745a946e4fa6cd0169b848f6ea6d22728b207a21a6024c7a0a4c3893659997dda02616b33dd32a00c08dbf6c1bddedd0d9facc14c865

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 18661a13d94a7fbfb6263cf37bcaba2d
SHA1 a5c5f133e5614e7ad5c0f7743de19e5fb06d789f
SHA256 f8ddc5239ea38b262897ee5c302034fb20028a4927e50dd90d89077a5bb25aad
SHA512 80b20be25321b6f010a002132d882c7cd7e3d257d062c1cccca6cd2d3a2c16e889233897d5ad641154cc37a143dcd99559481ac83f7b1c1ac3064ee650d158f7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 a47629555952c9c534155e634db624fb
SHA1 ad1361d31267a2481d1160f3e5bc2b60cff69d04
SHA256 9dce53b4a070482c28554435b95f4e7e5c4e36f7824d32d1e38d5b4b55ebffa3
SHA512 348f49f67d20db97d57abd598ee75711a8cbeed0f3444910301a24fb5d2eef6ff17d33cbd1851f58cfce8be69e32642b5d6d28ca9c9714fb9e99ae21cbcafd8f

C:\Program Files (x86)\Roblox\Versions\version-297eb79ede584243\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe

MD5 610b1b60dc8729bad759c92f82ee2804
SHA1 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552
SHA256 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08
SHA512 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdate.exe

MD5 4dc57ab56e37cd05e81f0d8aaafc5179
SHA1 494a90728d7680f979b0ad87f09b5b58f16d1cd5
SHA256 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718
SHA512 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdate.dll

MD5 965b3af7886e7bf6584488658c050ca2
SHA1 72daabdde7cd500c483d0eeecb1bd19708f8e4a5
SHA256 d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19
SHA512 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_en.dll

MD5 4a1e3cf488e998ef4d22ac25ccc520a5
SHA1 dc568a6e3c9465474ef0d761581c733b3371b1cd
SHA256 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011
SHA512 ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdateCore.exe

MD5 c044dcfa4d518df8fc9d4a161d49cece
SHA1 91bd4e933b22c010454fd6d3e3b042ab6e8b2149
SHA256 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2
SHA512 f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_fil.dll

MD5 7c66526dc65de144f3444556c3dba7b8
SHA1 6721a1f45ac779e82eecc9a584bcf4bcee365940
SHA256 e622823096fc656f63d5a7bbdf3744745ef389c92ec1b804d3b874578e18c89d
SHA512 dbc803c593ae0b18fd989fdc5e9e6aee8f16b893ae8d17e9d88436e2cd8cae23d06e32e4c8a8bf67fc5311b6f2a184c4e6795fed6d15b3d766ef5affc8923e2f

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_fi.dll

MD5 d45f2d476ed78fa3e30f16e11c1c61ea
SHA1 8c8c5d5f77cd8764c4ca0c389daee89e658dfd5e
SHA256 acf42b90190110ccf30bcfb2626dd999a14e42a72a3983928cba98d44f0a72e2
SHA512 2a876e0313a03e75b837d43e9c5bb10fcec385fbb0638faa984ee4bb68b485b04d14c59cd4ed561aaa7f746975e459954e276e73fc3f5f4605ae7f333ce85f1b

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_fa.dll

MD5 cbe3454843ce2f36201460e316af1404
SHA1 0883394c28cb60be8276cb690496318fcabea424
SHA256 c66c4024847d353e9985eb9b2f060b2d84f12cc77fb6479df5ffc55dbda97e59
SHA512 f39e660f3bfab288871d3ec40135c16d31c6eb1a84136e065b54ff306f6f8016a788c713d4d8e46ad62e459f9073d2307a6ed650919b2dd00577bbfd04e5bd73

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_eu.dll

MD5 a7e1f4f482522a647311735699bec186
SHA1 3b4b4b6e6a5e0c1981c62b6b33a0ca78f82b7bbd
SHA256 e5615c838a71b533b26d308509954907bcc0eb4032cdbaa3db621eede5e6bfa4
SHA512 22131600bbac8d9c2dab358e244ec85315a1aaebfc0fb62aaa1493c418c8832c3a6fbf24a6f8cf4704fdc4bc10a66c88839a719116b4a3d85264b7ad93c54d57

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_et.dll

MD5 b78cba3088ecdc571412955742ea560b
SHA1 bc04cf9014cec5b9f240235b5ff0f29dbdb22926
SHA256 f0a4cfd96c85f2d98a3c9ecfadd41c0c139fdb20470c8004f4c112dd3d69e085
SHA512 04c8ab8e62017df63e411a49fb6218c341672f348cb9950b1f0d2b2a48016036f395b4568da70989f038e8e28efea65ddd284dfd490e93b6731d9e3e0e0813cf

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_es-419.dll

MD5 28fefc59008ef0325682a0611f8dba70
SHA1 f528803c731c11d8d92c5660cb4125c26bb75265
SHA256 55a69ce2d6fc4109d16172ba6d9edb59dbadbc8af6746cc71dc4045aa549022d
SHA512 2ec71244303beac7d5ce0905001fe5b0fb996ad1d1c35e63eecd4d9b87751f0633a281554b3f0aa02ee44b8ceaad85a671ef6c34589055797912324e48cc23ed

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_es.dll

MD5 9db7f66f9dc417ebba021bc45af5d34b
SHA1 6815318b05019f521d65f6046cf340ad88e40971
SHA256 e652159a75cbab76217ecbb4340020f277175838b316b32cf71e18d83da4a819
SHA512 943d8fc0d308c5ccd5ab068fc10e799b92465a22841ce700c636e7ae1c12995d99c0a93ab85c1ae27fefce869eabadbeafee0f2f5f010ad3b35fa4f748b54952

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_en-GB.dll

MD5 d749e093f263244d276b6ffcf4ef4b42
SHA1 69f024c769632cdbb019943552bac5281d4cbe05
SHA256 fd90699e7f29b6028a2e8e6f3ae82d26cdc6942bd39c4f07b221d87c5dbbfe1e
SHA512 48d51b006ce0cd903154fa03d17e76591db739c4bfb64243725d21d4aa17db57a852077be00b9a51815d09664d18f9e6ad61d9bc41b3d013ed24aaec8f477ad9

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_el.dll

MD5 ac275b6e825c3bd87d96b52eac36c0f6
SHA1 29e537d81f5d997285b62cd2efea088c3284d18f
SHA256 223d2db0bc2cc82bda04a0a2cd2b7f6cb589e2fa5c0471a2d5eb04d2ffcfcfa0
SHA512 bba581412c4297c4daf245550a2656cdc2923f77158b171e0eacf6e933c174eac84580864813cf6d75d73d1a58e0caf46170aee3cee9d84dc468379252b16679

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_de.dll

MD5 aab01f0d7bdc51b190f27ce58701c1da
SHA1 1a21aabab0875651efd974100a81cda52c462997
SHA256 061a7cdaff9867ddb0bd3de2c0760d6919d8d2ca7c7f889ec2d32265d7e7a75c
SHA512 5edbda45205b61ac48ea6e874411bb1031989001539650de6e424528f72ec8071bd709c037c956450bb0558ee37d026c26fdb966efceb990ed1219f135b09e6e

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_da.dll

MD5 d34380d302b16eab40d5b63cfb4ed0fe
SHA1 1d3047119e353a55dc215666f2b7b69f0ede775b
SHA256 fd98159338d1f3b03814af31440d37d15ab183c1a230e6261fbb90e402f85d5f
SHA512 45ce58f4343755e392037a9c6fc301ad9392e280a72b9d4b6d328866fe26877b2988c39e05c4e7f1d5b046c0864714b897d35285e222fd668f0d71b7b10e6538

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_cy.dll

MD5 34d991980016595b803d212dc356d765
SHA1 e3a35df6488c3463c2a7adf89029e1dd8308f816
SHA256 252b6f9bf5a9cb59ad1c072e289cc9695c0040b363d4bfbcc9618a12df77d18e
SHA512 8a6cbcf812af37e3ead789fbec6cba9c4e1829dbeea6200f0abbdae15efd1eda38c3a2576e819d95ed2df0aafd2370480daa24a3fe6aeb8081a936d5e1f8d8ed

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_cs.dll

MD5 16c84ad1222284f40968a851f541d6bb
SHA1 bc26d50e15ccaed6a5fbe801943117269b3b8e6b
SHA256 e0f0026ddcbeafc6c991da6ba7c52927d050f928dba4a7153552efcea893a35b
SHA512 d3018619469ed25d84713bd6b6515c9a27528810765ed41741ac92caf0a3f72345c465a5bda825041df69e1264aada322b62e10c7ed20b3d1bcde82c7e146b7e

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_ca-Es-VALENCIA.dll

MD5 2929e8d496d95739f207b9f59b13f925
SHA1 7c1c574194d9e31ca91e2a21a5c671e5e95c734c
SHA256 2726c48a468f8f6debc2d9a6a0706b640b2852c885e603e6b2dec638756160df
SHA512 ea459305d3c3fa7a546194f649722b76072f31e75d59da149c57ff05f4af8f38a809066054df809303937bbca917e67441da2f0e1ea37b50007c25ae99429957

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_ca.dll

MD5 39551d8d284c108a17dc5f74a7084bb5
SHA1 6e43fc5cec4b4b0d44f3b45253c5e0b032e8e884
SHA256 8dbd55ed532073874f4fe006ef456e31642317145bd18ddc30f681ce9e0c8e07
SHA512 6fa5013a9ce62deca9fa90a98849401b6e164bbad8bef00a8a8b228427520dd584e28cba19c71e2c658692390fe29be28f0398cb6c0f9324c56290bb245d06d2

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_bs.dll

MD5 e338dccaa43962697db9f67e0265a3fc
SHA1 4c6c327efc12d21c4299df7b97bf2c45840e0d83
SHA256 99b1b7e25fbc2c64489c0607cef0ae5ff720ab529e11093ed9860d953adeba04
SHA512 e0c15b166892433ef31ddf6b086680c55e1a515bed89d51edbdf526fcac71fb4e8cb2fadc739ac75ae5c2d9819fc985ca873b0e9e2a2925f82e0a456210898f9

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_bn-IN.dll

MD5 a94cf5e8b1708a43393263a33e739edd
SHA1 1068868bdc271a52aaae6f749028ed3170b09cce
SHA256 5b01fe11016610d5606f815281c970c86025732fc597b99c031a018626cd9f3c
SHA512 920f7fed1b720afdb569aec2961bd827a6fc54b4598c0704f65da781d142b1707e5106a459f0c289e0f476b054d93c0b733806af036b68f46377dde0541af2e7

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_bn.dll

MD5 7dc58c4e27eaf84ae9984cff2cc16235
SHA1 3f53499ddc487658932a8c2bcf562ba32afd3bda
SHA256 e32f77ed3067d7735d10f80e5a0aa0c50c993b59b82dc834f2583c314e28fa98
SHA512 bdec1300cf83ea06dfd351fe1252b850fecea08f9ef9cb1207fce40ce30742348db953107ade6cdb0612af2e774345faf03a8a6476f2f26735eb89153b4256dc

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_az.dll

MD5 7937c407ebe21170daf0975779f1aa49
SHA1 4c2a40e76209abd2492dfaaf65ef24de72291346
SHA256 5ab96e4e6e065dbce3b643c6be2c668f5570984ead1a8b3578bbd2056fbad4e9
SHA512 8670746941660e6573732077f5ed1b630f94a825cf4ac9dbe5018772eaac1c48216334757a2aeaa561034b4d907162a370b8f0bae83b34a09457fafe165fb5d7

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_bg.dll

MD5 8375b1b756b2a74a12def575351e6bbd
SHA1 802ec096425dc1cab723d4cf2fd1a868315d3727
SHA256 a12df15afac4eb2695626d7a8a2888bdf54c8db671043b0677180f746d8ad105
SHA512 aec4bb94fde884db79a629abcff27fd8afb7f229d055514f51fa570fb47a85f8dfc9a54a8f69607d2bcaf82fae1ec7ffab0b246795a77a589be11fad51b24d19

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_as.dll

MD5 a8d3210e34bf6f63a35590245c16bc1b
SHA1 f337f2cbec05b7e20ca676d7c2b1a8d5ae8bf693
SHA256 3b82de846ad028544013383e3c9fb570d2a09abf2c854e8a4d641bd7fc3b3766
SHA512 6e47ffe8f7c2532e7854dcae3cbd4e6533f0238815cb6af5ea85087c51017ea284542b988f07692d0297ebab1bad80d7613bf424ff532e10b01c8e528ab1043a

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_ar.dll

MD5 570efe7aa117a1f98c7a682f8112cb6d
SHA1 536e7c49e24e9aa068a021a8f258e3e4e69fa64f
SHA256 e2cc8017bc24e73048c7ee68d3787ed63c3898eec61299a9ca1bab8aeaa8da01
SHA512 5e963dd55a5739a1da19cec7277dc3d07afdb682330998fd8c33a1b5949942019521967d8b5af0752a7a8e2cf536faa7e62982501170319558ceaa21ed657ae8

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_am.dll

MD5 f6c1324070b6c4e2a8f8921652bfbdfa
SHA1 988e6190f26e4ca8f7ea3caabb366cf1edcdcbbf
SHA256 986b0654a8b5f7b23478463ff051bffe1e9bbdeb48744e4aa1bd3d89a7520717
SHA512 63092cf13e8a19966181df695eb021b0a9993afe8f98b1309973ea999fdf4cd9b6ffd609968d4aa0b2cde41e872688a283fd922d8b22cb5ad06339fe18221100

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\EdgeUpdate.dat

MD5 369bbc37cff290adb8963dc5e518b9b8
SHA1 de0ef569f7ef55032e4b18d3a03542cc2bbac191
SHA256 3d7ec761bef1b1af418b909f1c81ce577c769722957713fdafbc8131b0a0c7d3
SHA512 4f8ec1fd4de8d373a4973513aa95e646dfc5b1069549fafe0d125614116c902bfc04b0e6afd12554cc13ca6c53e1f258a3b14e54ac811f6b06ed50c9ac9890b1

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\msedgeupdateres_af.dll

MD5 567aec2d42d02675eb515bbd852be7db
SHA1 66079ae8ac619ff34e3ddb5fb0823b1790ba7b37
SHA256 a881788359b2a7d90ac70a76c45938fb337c2064487dcb8be00b9c311d10c24c
SHA512 3a7414e95c2927d5496f29814556d731aef19efa531fb58988079287669dfc033f3e04c8740697571df76bfecfe3b75659511783ce34682d2a2ea704dfa115b3

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\NOTICE.TXT

MD5 6dd5bf0743f2366a0bdd37e302783bcd
SHA1 e5ff6e044c40c02b1fc78304804fe1f993fed2e6
SHA256 91d3fc490565ded7621ff5198960e501b6db857d5dd45af2fe7c3ecd141145f5
SHA512 f546c1dff8902a3353c0b7c10ca9f69bb77ebd276e4d5217da9e0823a0d8d506a5267773f789343d8c56b41a0ee6a97d4470a44bbd81ceaa8529e5e818f4951e

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeComRegisterShellARM64.exe

MD5 7a160c6016922713345454265807f08d
SHA1 e36ee184edd449252eb2dfd3016d5b0d2edad3c6
SHA256 35a14bd84e74dd6d8e2683470243fb1bb9071178d9283b12ebbfb405c8cd4aa9
SHA512 c0f1d5c8455cf14f2088ede062967d6dfa7c39ca2ac9636b10ed46dfbea143f64106a4f03c285e89dd8cf4405612f1eef25a8ec4f15294ca3350053891fc3d7e

C:\Program Files (x86)\Microsoft\Temp\EUC456.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe

MD5 60dba9b06b56e58f5aea1a4149c743d2
SHA1 a7e456acf64dd99ca30259cf45b88cf2515a69b3
SHA256 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112
SHA512 e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7

C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log

MD5 94c9db178c9e02ec165659a1b3f02412
SHA1 aff75ba50409399e1eed12c3a80c400d0e3631ba
SHA256 f2f87f312ca3efc47609b9e33b666b0800e689cd8e226236638418c2b99a2ea2
SHA512 6caea22dc8d00022ab2eb751d487163a8d334158bf6682e8b5ed36b49fe2b36503b6fb6ccb57e2b1598359e78fbc7000036da749e9115f97780d46953b4f5d13

memory/3552-1382-0x0000000000F10000-0x0000000000F45000-memory.dmp

memory/3552-1383-0x0000000073B40000-0x0000000073D50000-memory.dmp

C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat

MD5 89a163bee1d460f621e092110718169f
SHA1 8996d93f9b0a65a934c63046950a087d0d3421ed
SHA256 f62aad0406e1653f754bb72433b4154fc9bd90a552dac4fcdbd031020069670a
SHA512 ebe6ad0336d21e4ab92ec592ce3a3b8a3c93cbaa09ccbb8713efd9666a464134a539ebe708620c52253403b62d6983cc6334bb60d95f00a36e1cf854b6f8d869

memory/3552-1408-0x0000000073B40000-0x0000000073D50000-memory.dmp

C:\Program Files (x86)\Microsoft\EdgeCore\129.0.2792.89\Installer\setup.exe

MD5 b2b8b59239badeaed5735309a8ee41f6
SHA1 74517558c67543cc43205fa5a3103983acc6695d
SHA256 b835fc75b2cafd3860b419eb711697e15aa30c7912fd989312253e19ff0b8a50
SHA512 67a90661cb5f8923062a5364a5c3461a928d8425e9b5c3a260431f91be55343aeca0387b8f374468dd0ec46c52b46c2f2e12f5c9c5a4b9ce72889ee159d0bc61

memory/3552-1439-0x0000000000F10000-0x0000000000F45000-memory.dmp

memory/3104-1444-0x00007FFB617A0000-0x00007FFB61CEC000-memory.dmp

memory/3104-1446-0x00007FF79BE40000-0x00007FF79CE40000-memory.dmp

memory/3104-1447-0x00007FFB60720000-0x00007FFB60B22000-memory.dmp

memory/3104-1445-0x00007FFB60720000-0x00007FFB60B22000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State~RFe5d3868.TMP

MD5 b54a44f9c640ff6e2e68d5d93a856743
SHA1 c9ccc0e16a93472457fc0230803d82bf19287068
SHA256 e211c9f1b10e044c02ec4a68d6c2dc65234a74c2f9600b3e44d546813dc0449c
SHA512 56d1ca1f39c6c46f8c5a86ae7be9121b788e0a947d277f2f17a77d7148259b2060fe6baffc123ea20c6d911e9b8e3babd46b88a4455644c0c85c5febbac96f44

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\ShaderCache\data_1

MD5 d0d388f3865d0523e451d6ba0be34cc4
SHA1 8571c6a52aacc2747c048e3419e5657b74612995
SHA256 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b
SHA512 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 d71a1f6cd820827a82df417c63fdc8aa
SHA1 70f123f48af3082b6b34d007290638d4941c89cd
SHA256 74d1a400a9002db08c5a33b4e29c044d98e73f68a0ca5b0de4651903df0f07b5
SHA512 1a201395baebc2437ab699519f0ad240c483ea93d485a5e69412b80a1a3f2b5e94de65e7f9a0dc135ff9b24cf573f467ad44ceaf607542bb958d0cc4c06ecfc5

memory/1548-1562-0x00007FFB82F30000-0x00007FFB82F31000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 bb3273a68deb2601daa38ee8f0a0add5
SHA1 5326e0d267ad980757a195f93a0b8a31a5b61eb5
SHA256 9bef791c6071c4e5679b75de02f2b264a1e4339dca01406ed4b69289ce66c818
SHA512 34bfa268ad14860942bca7b624d9c15f42bc773878070f79f469992fa8fa4171ffe11389beddcb89de5bdae44666bd6b781f5b62c6e64bb33237924d882f486f

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Sync Data\LevelDB\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 ae3e246177c1673d89e7b4b0238ab7b4
SHA1 7c99dc8f45b8dcf13942848e3e0569062e72b03e
SHA256 f0302668787daf769998fe43e41903bf5738e79e12fe178e228f60749a7b950c
SHA512 ba74b4cf045311cf9d425085c4e1a2b962bd61bdf3d22ef8cdfea92e2028c2109556cb9f32ba1c354cdc4aff6a60f2de1d89c1b45d794ed84f436d82f71dfc28

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\settings.dat

MD5 3c2e1eab2e161b7926f9541183102adf
SHA1 beeebc42dc280f317fbe441770bebfb91cb0deb9
SHA256 a5ddeaf7559afc90d5622c178fa6fc36b789e558e769f752c8a11f59126a8213
SHA512 c676fee74fbfcbf8a759484e5ef649d9b6050fa6331e27911ba06b91edf86d3208508d610aea56327f00a7c908d574ab39f370944c0366a0f021e96e64aa5de3

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GraphiteDawnCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GraphiteDawnCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

memory/2900-1615-0x00007FFB82F30000-0x00007FFB82F31000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\GrShaderCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

memory/2900-1649-0x00000258AD3C0000-0x00000258AD42F000-memory.dmp

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

memory/4408-1664-0x0000023999800000-0x000002399986F000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 96ff0d698ba1e05a4b81020aad421704
SHA1 ea21ae35e7b12c2c5a57a6e6dd94c7a3aa2268e2
SHA256 b160f105ba77c0cb82a2ecf8615510ba1226ae9084a872613ff0fdb665884448
SHA512 d381104c4e9f25be2dd8e111510b63ba2ec21dc166926262ff647e88ca80023a2310146cb2cc015a81f1d9f6c13e9c152838b654bd7ac174a3ded30efab8cac5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6ca98355629e953331bd8d14757993cc
SHA1 e9c4d456ee5c9e0dc5bba88c249fe4596fc507e0
SHA256 f22d0dff2917dc76d8532d794ea347cb238e1d530de94775a4aa645b85761319
SHA512 d7d75c168e910018f92d643152339c68a46024a1b68fe9f7267fe3b487e30be5d66fd87353892e96f9aed8bb3216cc3c14a19058193c8a3baea6dc9a7944ee76

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 7723637f91dfcb3f4ffed756741b9dbe
SHA1 8228e13f711ca1ff5b7798e2057c2905f3d18dbf
SHA256 53744aa909530130e2382e877ec0cf147bba1cbfda8b71814c9cf0fc5deb6819
SHA512 e3e3de57618cdc4a99d7b98136173edf497f724644faeb63db573e2bb8afb4de7aed37a82870ec71ac40658383f99bd0a944d7af737e3a91a3838c07a94e60e9

memory/3488-1983-0x0000018E3E110000-0x0000018E3E17F000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 cc957e2865090b19e3a8247de59c38b8
SHA1 e9c98fa392b7e1181315131ec3ec5ce9f02248d3
SHA256 a95aace4384b3a501d88b6a75d5933c022b52eb197edc5035bcb6c01c7abdb80
SHA512 d8ab78193048ad320ae82e3c02f2ebdb9bf6ce0f6c53ad2e62327f56fe79d735c533cd108732c0a117f6a8b1408135f801042e5cbdd7e65cee993323143fe41c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 32fddc65863af474b06aedea7fb0673e
SHA1 b9c13ef3d387bb74a7ba85ca903a3b6060d53b91
SHA256 b51d31bcc3b4211cda5ece2f2df1154e98a2dcdd9675c4b42654dba8a0000eb2
SHA512 81e49a6f79f491a5ae7d8ed791e911b414971f441e6014a413cb97b3b17c0bdcbed90dce3727d03f205ea49c0d7c2c91e756b316e13a28c64492befa90e67a4c

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 1b44c3b845af6e946edaaa9e05cf4844
SHA1 c55775ea9b20557eb169de87a9026fc2a601f400
SHA256 5010bb46323da1844fae2dc6bccfd9c8e533b4beb2b7882517c7a858950288e2
SHA512 199dfaf31abcd707d00810bf84b0fce4677c4d542cacb450ee4cad0f4c456999d97dae20712127cb01e5ca385fc4ae7fa1927a5edc7f1029764904db339a27f9

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity~RFe5d8d4e.TMP

MD5 96585c0a77c8b42619a4a99ac8b0f19f
SHA1 bcb6c3add31558526289df8db176f9a18ddb4ed8
SHA256 271e2088311e8716d86471622068e134cae042b7af5c4074d306998c03ee43fa
SHA512 97e01d4d96d6f871b1540407248c1fe78ea688f165907bce1be51ca31639579b4a4c4596c1ede8080fd3daf7cc104f8fd1d8c70ade8ac7bc640630ee414d7cda

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 5f7d4c00466e0068fb43b19a5ce97c1c
SHA1 ec3cd3bcb075b82435c94e2347cefcda107ef8c1
SHA256 bc328d0e5cda35642456a677dbf756d42b6517cfc4905152b5ba6aa52937b296
SHA512 8ea2624ecfd789ec7aeb799579820c2cb14e19ac47038b3ec47dafb829df565a685c971d93508cdcc7ba19feb1a16fec4920a5f85b857b77138561700002d4a2

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\4b02b520-91a3-4c14-b5a5-499ce0d12136.tmp

MD5 692d2b5b2f1ef8304146dba72f33f22d
SHA1 3a5ac7919185008f25667eabfd1ab9f6cf104b49
SHA256 144cc5695bf7a240fa5f21fd376243eb62ca368c3c6c688a55d9554a7a834403
SHA512 5e23137c66b9bbb9b1d26cf84831b837171b2b0938fec9ad94681658b5d71350dac121325243ac76dcad889f0be305638cbe2bba1a5ff521b8373d968532d834

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RFe5da347.TMP

MD5 952bbbeb18105c16ff8a098bbb2f5e9d
SHA1 669c5e8f91155db9e8826486e23563d3f819549c
SHA256 e1d7eb0202f5671e749a016c83bf650f8beca3c0d3aeefc353803e4b5322adaa
SHA512 a003890a129cdf0796928d8ea34497db504dd9eb6b64afbd29faf0f4d6d75e308997690ddd051e296b2090509cbc384797f3d72939b3b949f265da0291ae1c98

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Code Cache\js\index-dir\the-real-index

MD5 1da4210dd9a6009173550ebfa3ce3f59
SHA1 31e2676932e8d784169298a444736b03cd16d9e3
SHA256 7d13c5866523857fe0acff6343632b993535056f823b24d5a146109b597debc6
SHA512 2817bf686d51a45f7f520a3c00ab28875a5553dd3710cd8438e0df7b89696c432a2660438281d9b7711b6c3d0ba7132710a66a2759f5f036569eae3dbb36f984

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b273e66baaadfa490f7950758b97a649
SHA1 197a803380bc2173f45e0edc367b699dbc731934
SHA256 6536c5aff9a1d6d95b3345895d4acf1bc187d3891482c0253ef89a44a1d1fe26
SHA512 3b0e037c55252f7adfe0f89f68cecf59db9f420ecf53c98f8cb7ae978f7d66a8b128706a3f28dc87a1ea63a7eed2a118974db2efc3fc80c871138c5d6cd95359

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 586530d8bd0d99f0c9628240126e5689
SHA1 801ac6b41fc64f293c932f6fbdf2b1ec6abce6c2
SHA256 d4a80be56e6680f69b2910a0d329d30ad4c17a179d1bfb6ce4ba462ce3fb6500
SHA512 c690961dd583aa839b71517362ee0e45ff13d1a6df7224c14a0bb8608f1da3657e1fb81116286ca10a9c87126f92610cd4437b021a66845af0a47c2c589ebbff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 983be1c44c765723748eedb01fdf0c91
SHA1 2f94e4de4f810cf16a10302e2bf314448c894087
SHA256 3d892372d9867d87d70e668bcb4f595e45b09dfabca5a056d3b99380d7da278a
SHA512 f8c6d27c1b36c6201c889222aba09da3e7766cd836796dbd487b3f75a23ad579262554a432146d76638def61a91d3ee6937b8e77451be6d89e697db8d5b8b16c

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 2cafc14debb89fc19f7dfc1ad720971a
SHA1 0b3c4ad8a5ee4b721761fb73f2bea018c8f1de87
SHA256 a359ceaeadb0f65969de30496621af8c979ab291a60f8e2fd36cc82defc69a12
SHA512 3436fec0a2fbe7b8a4f7fa14d780c0a13535df50ce56f2e4a1b0164cb1c226b3a25528dc79e22e327f0f803f2d74d5d3840e55b9790b46c17af24cc758405acb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 65928ac9f49b2a4044a56f54202d131e
SHA1 d0629ad25a417022c8703830ee766ab9d378f247
SHA256 944c6a3a9d2b27aa11e12666202b57b913400ab6c609e4829e988aefdc6054b6
SHA512 4efb04649701fc7ba2cbff958d8e36f919a3ee40fa5b9caa498d3ae9ad6ee58533d75002333cdf0652fcaa324f9537411bd75ec2458da82f202fe3bafddff087

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_1085414269\manifest.json

MD5 55cf847309615667a4165f3796268958
SHA1 097d7d123cb0658c6de187e42c653ad7d5bbf527
SHA256 54f5c87c918f69861d93ed21544aac7d38645d10a890fc5b903730eb16d9a877
SHA512 53c71b860711561015c09c5000804f3713651ba2db57ccf434aebee07c56e5a162bdf317ce8de55926e34899812b42c994c3ce50870487bfa1803033db9452b7

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_1085414269\manifest.fingerprint

MD5 7ce55ac0d7683657fd051e573ad06e30
SHA1 3bc51fbc6155c4e9d1439587e1c739995054cc52
SHA256 138e2b36e4c8bec8b00180558843355037d7de99c389f46e6183c4fc5a34c790
SHA512 f269c5c2ee53ed836bfd1b928b40e1ddb2aaea00e5585c85fecfcb1add71130d4ecfe91d2f2527934ac472c8b432d3475ca02b8f808e7e6014cd49155529d9a2

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State

MD5 3e243bb1c1b6f9296afa718a203fd59b
SHA1 47fe98f01b86e3f7105806b39b295d7c55bd8950
SHA256 d4b1baa7f17bceda1cc1b3d952812b935e077f2948a2639f231f8ce647805348
SHA512 f1f74295f077fec2a50b299d99b83df40eb701ee30b263bbc5f0fc6a7554602e84158ccda2496313bb30f9b98038d12846d02a583c7fb99f76647211c7e6f2b3

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State~RFe5e4c2a.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6e51b738485d396b5a8f0ae8528b4f76
SHA1 479b2b30ca3c44f74e2f13e281bb93f7d04b1840
SHA256 6117840f22617298755d912b585b4a1b0b8e23aedfe904c998d8edf2921ac2df
SHA512 3ed6eb0adfaea32118097da17ac1bb28f5a42b040f9225bc2c3f87c0244ff277351b5b0d5b5b02ace9f18389b077e1f9f2936e06c7c973b64f0b0f5a74ee76b0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 1429899e978b9923661d58c86a16e0ff
SHA1 e0036e5e04139c6ba63658c74cb356ac3b7bccfd
SHA256 9f750399171a00ed23006902b02c3e84f359e35f4f61c0d198c7b8b0b5754711
SHA512 a80aaf6d0f0309bb6953d0b40fe5b5340036fbc8bf3489f4f6e62ebbc05d1e99ecff29cee0757f52b486cb577c176ff274fc87c991e12582c06533de50b334d6

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_1733861122\manifest.json

MD5 077da41a01dde0173ebbf70d3b7210e2
SHA1 4b3c3deeb9522ca4ef4e42efcf63b2674f6a5c07
SHA256 23bed5c8ebea0c376483374bad7baf633a7e52f3e0a609371c518e06e645bda0
SHA512 2822d02e2b3c6306e6d71fa62e7f472b4c3cdf0cbe499b70ac60a0a50e547ed47c394d7de88bbef2e6015920442b9d30cbc0d6869d154e02ec251712f918deec

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\TrustTokenKeyCommitments\2024.10.11.1\keys.json

MD5 052b398cc49648660aaff778d897c6de
SHA1 d4fdd81f2ee4c8a4572affbfd1830a0c574a8715
SHA256 47ec07ddf9bbd0082b3a2dfea39491090e73a09106945982e395a9f3cb6d88ae
SHA512 ed53d0804a2ef1bc779af76aa39f5eb8ce2edc7f301f365eeaa0cf5a9ab49f2a21a24f52dd0eb07c480078ce2dd03c7fbb088082aea9b7cdd88a6482ae072037

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 b82c10fa797cf486b871d31c5200deca
SHA1 4e1b712870bb275186c25a93b857051fffcb3dad
SHA256 7ad6ce7e3adb97cf4784631651533d02e9f6a8b284c83a9ee4ef519da5df7f08
SHA512 4f9f6e2374dcda1399f905bfea411a17fdc7644b6b967d6ad0127fe1642650ca4285d1e9d82c13fe63e2fae67b4c0387d769d6a947522302d4439c87d4c2d615

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 086ffcec04ae30bc8323452e540d491c
SHA1 93b733049f97f2016d9d2e02fa72d0298d213529
SHA256 397c10fb91748048e8b488589f4fa1c512b79393f33c4f4beef93ecc26b61f36
SHA512 c801d24acf7087352eafde093b7be229230557836cc2acba08d7f3ea97622b310008eff6d876b484325cbb90e5fbe6a4ed7d8f655af9205efac73704592c1d3b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 9b47a8bbaeb0937da37bc209707334e0
SHA1 16ba9ebd358ba2210e236296a2abbb2aa7072061
SHA256 c2d35b987eac426ee44624f96e6e1855b006504420ae126993cae3c32a528f9a
SHA512 2b4d22aba6861f3ea39775d9bcde19c9019690a6a54444af0dc56f9c8d769c7ec68ce15dd984b621611bd60c6566acfedb8601e478fd7be47ae20a90e23088dc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a650ed4adb6cd8102e7dbfb4c044321a
SHA1 f743c940fc3bc3a1bc3a4ae2d69ed34beda1e9fc
SHA256 14bff7e5d421a0400b5c76d4f223b6a303b953b16a43c813fc91824d2e8f29f8
SHA512 532d1ce9519cd8d2c74baa5598d5fe4936cbca4b0069f8528420b99fdf548449ec50e6f20722a39c47aa14d85d10ba803f8d6b9111210a1cd14751924eec59c7

C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping804_872624197\manifest.json

MD5 8062e1b9705b274fd46fcd2dd53efc81
SHA1 61912082d21780e22403555a43408c9a6cafc59a
SHA256 2f0e67d8b541936adc77ac9766c15a98e9b5de67477905b38624765e447fcd35
SHA512 98609cf9b126c7c2ad29a6ec92f617659d35251d5f6e226fff78fd9f660f7984e4c188e890495ab05ae6cf3fbe9bf712c81d814fbd94d9f62cf4ff13bbd9521a

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\PKIMetadata\13.0.0.0\ct_config.pb

MD5 df3d937079b894c891f9b0b741874928
SHA1 ed93fc386807b3a28fcc7988a88ae4741bfe1b15
SHA256 c7cbb0db6e924cbfccf4a6e8223e3fed4d93f5d78a3122c30213b6e38ee195f4
SHA512 5728bdd930283a4906e7e07acd3eadecb813a3154ffb41729738444bf13aab27dceb01e05a27c77bb13cc498c1d5c2d492ac653ddbfe4b14004b1c7a5bc54f1b

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\PKIMetadata\13.0.0.0\crs.pb

MD5 981a9155cad975103b6a26acef33a866
SHA1 1965290a94d172c4def1ac7199736c26dccca33e
SHA256 971393390616fbe53c63865274a40a0b4a8e731c529664275bdc764f09a28e2d
SHA512 2d75ce25cb3a78f69f90fbd23f6e5c9f1a6ed92025f83ce0ab3e0320b64130d586fc2cd960f763e1ab2c82d35ef9650ebd7ff2a42a928a293e0e7428cc669119

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\PKIMetadata\13.0.0.0\kp_pinslist.pb

MD5 d43d041e531dc757a69a90cb657ef437
SHA1 09138b427565bc276cfd3ba9f59b0c8bad78e91d
SHA256 9431360a5534ad2f8eddde157cce39704b99da035fcb6d2cca11220700b11ccb
SHA512 476a98122059b9cc19492b7ae557c61381842c8c347f85c686e0a493bfd0e8707ce3491b690e7978b3fb7d7d2a4daa2767e4a590398a50562519bf32e8d12ec6

memory/5800-2418-0x000001AAE32F0000-0x000001AAE32F1000-memory.dmp

memory/5800-2420-0x000001AAE32F0000-0x000001AAE32F1000-memory.dmp

memory/5800-2419-0x000001AAE32F0000-0x000001AAE32F1000-memory.dmp

memory/5800-2426-0x000001AAE32F0000-0x000001AAE32F1000-memory.dmp

memory/5800-2430-0x000001AAE32F0000-0x000001AAE32F1000-memory.dmp

memory/5800-2429-0x000001AAE32F0000-0x000001AAE32F1000-memory.dmp

memory/5800-2428-0x000001AAE32F0000-0x000001AAE32F1000-memory.dmp

memory/5800-2427-0x000001AAE32F0000-0x000001AAE32F1000-memory.dmp

memory/5800-2425-0x000001AAE32F0000-0x000001AAE32F1000-memory.dmp

memory/5800-2424-0x000001AAE32F0000-0x000001AAE32F1000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bcc71dfcd62eede4018b954464a662f3
SHA1 09f0c9da0343c7ea39a4032b4839e77c1d19ca95
SHA256 9febf39a66f733c6ccd2d1b2b6e42b5401e8e80ca4ff427b21751f195f8ac81b
SHA512 d293ba4370816c77e0ed1e84a4420b732d82f2823c27ac4e58ac737f866ae6e92853e6543c2646b21283614bd83a27b571aa80c07d29a477b8a47e283d164081

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences

MD5 0513146820e90007a928e0aca07850a6
SHA1 da8263ee86a488fc5f08227779aa4cc3de71c435
SHA256 2fc99d4b92b1338a9c9505681f2dbb382d9b236f2ff66e619eb9926589095e9b
SHA512 0f169ff8948359865a95ab2f7539bc2d5854dd74c65612ff0828801b40c8acae9602562e501824c80eae3e5ea6b10d2a83992356d338d9cc28a4b8cd3dea2a01

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 7e7d775ab44dc24f801e695f7a3140e3
SHA1 bbe564a5fb6d2ffab405d91a3cdfecea9fc544f0
SHA256 de9f843c643e182275d9daaa3688be799271e324a3327f68dd091994527376f2
SHA512 8aeb855a38578fc6088c863214a2e4de4c9cbbc9db0644e71c946923888cb791deed319f3429e0614d3401728b776b35ba5e74dbefe3e5da321508dee7f6b4be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3569d3e0e4ce7c0860489aea67cc9443
SHA1 76bd9174a8240e22869ff6e653198a88c9279f1b
SHA256 fbcef0fa446139e349a78b17e99e212c9e9803785860b58b56050f461abc44b9
SHA512 28a44f3d0a204fbb26492e3639cbcf0d6daa92bc9b4306b7db87b141a0c806e857524d8b80ecadff7000134e25e784c4f99998703dda14f6a70c0631f0cf5af8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 e25e5fa06384100db7637f83bdc09271
SHA1 f427ec67673f66509597f233316852d126509418
SHA256 72901fa35b72581589790eaf2290a3ff6ccc5a57080903d6925bb68600fdf4dc
SHA512 9c51ad91f6ba409224f7910fa00d639381511240352b8ad4c092851f99b55ce28eba0176393e5ecad1e4ec298e4fcf7ad752443877140d47bb3773621496ceae

C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.195.25\MicrosoftEdgeUpdateSetup_X86_1.3.195.25.exe

MD5 5a58f85ff61912d9cc7c6d78c05ea70e
SHA1 fda7b075d211e4311206f00990514e4cd75a62c0
SHA256 eee99f71bf20c98b3eb770c463c4e9f6959ea607ec0857e37d5852fc637516b3
SHA512 1cfc81337975124485aad6c3b5cffc43e69fb98add9c74bc37d89022972766e9eb82c56a00f9d17c37815693a431f410befeed900184044ec47a9c79a38b879c

memory/4436-2744-0x0000000000040000-0x0000000000075000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 46da91e47d0192e3fb52897e6abb65a5
SHA1 b8459721a7f94e4a949beec3a3ff2cdff5518c19
SHA256 fa48cda1303cdf0b1b9a9be3cc91104f4b65ac374d3fb46b88be31ac6fb0f4a8
SHA512 6e9ddfdf9d04159c09fcbb422c136562f63441265d7cc956b44c401e60788fd002d14e6d6be736a32b1eedfded5496020a1d979ad1cba637ea0ddecefa34f897

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8117ef889cd79c95cc0b5b3a7d5e03a0
SHA1 6126b5101a456abb41ee5f3882412aa5a8cfb02b
SHA256 d9de2c5d3a9e42c08aef88ecd24bb34e55eea8ed425b877515ba5637e364e7dd
SHA512 e5ba12c5757fe65442207c60b6d9ea898e6403e98b03005be65268e0f6a4ca118f6a41e620b24086d2362d450a69b3e770dca595da5e8eb45da53095fc402b24

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 d7a9c4e002786cd5ee45451944973ebf
SHA1 8d5f0c0dc42e8763ac8acbc77792f5654decfb21
SHA256 1c6a139f7199857b70ce1c565619eb4f6b00f3372a70b742d47fab5abf88262c
SHA512 abd47c88f55fed6cfa496eb70afee356c098e4e4b29b0370c7156fdcb73e7d3c12a4a2a8e13f19984920e51da657444386e76bfcd413df71c554c869ed8d1853

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 fc1dfc03d5f37b6e901613ccfa5f87c7
SHA1 c11001d67a341d7bb21be8934439e3f33385dcc9
SHA256 03cfc1c0d602faad693ad48694e8c0ce93a51576037a03cbc899694e10cfcd5c
SHA512 efe96c50bd43ecd1b889328864484d6f359a995756b416d03295a8e673a5e627be8852cabbe3a73f9394a0670445bd77e5db2c90d364bc453d269ee0fed8527b

C:\Users\Admin\Videos\Captures\desktop.ini

MD5 b0d27eaec71f1cd73b015f5ceeb15f9d
SHA1 62264f8b5c2f5034a1e4143df6e8c787165fbc2f
SHA256 86d9f822aeb989755fac82929e8db369b3f5f04117ef96fd76e3d5f920a501d2
SHA512 7b5c9783a0a14b600b156825639d24cbbc000f5066c48ce9fecc195255603fc55129aaaca336d7ce6ad4e941d5492b756562f2c7a1d151fcfc2dabac76f3946c

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 804456646e8213a55cf9892aa8a428d5
SHA1 45aa8a306beb82040aef532e83c920f944a40889
SHA256 571f77860d5a181e068cbbfd893db3f8724016108570ee687d3526cc52ca84cf
SHA512 503f77c0734e488b0692d8ca7e25a6103bc98007f0e5bd037ca02f178db90047acfb3ceee22cdcd3057620db864853fa7771bc4230f08f20a386efa8c7b35fa6

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 655f7c6ec9f18b1866238483557b6651
SHA1 7c9765005fc9aa82e1fc3164e890592b0a89d655
SHA256 8de7b941f9066ffe0badf859cb83b94a52caffaf290d1ba832846f6141083639
SHA512 81d1ec956e10595158a3f213d4ac6b9781cdf9c821412b40c8c0d562e538ea36c698db982c0ffb9e1fcb3fe56e8a9a5db8e2c35e3f3c2afd990a4c03078d3a02

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 e1bdee24ff69a1482cccc471e2a96aed
SHA1 cffbd29567fd9ef664ac6cb9b49f3f9411f61e70
SHA256 6db3343f30ab729c0d2735c9543123142aea6f023a9a8d53370e962cb8a915fc
SHA512 e7d7c0a8e41286f06651fbfa030ad905eb7292f626dfeb1971d1eec3e7b7e7339812fcfa4bbec669b3376c22a746a245e3f7931d7aba4dd87f22d3542bd1fd50

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 fea8ba694be77ea0d4d9408c279c6e0d
SHA1 fe4abb62e95da354d7d7db453e227eaf9aa764b2
SHA256 0554f7392bf0319fc1af4b973717ebccf23c62a9b58a3f0370c8ef9451f7486e
SHA512 66601289abd00569273de103f65096002dd4c4affb986a55e88b0445587a03268a002ebd2e2f22801e55268756d48a771eb2629978185f21865f4867a29b7199

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\Network Persistent State

MD5 b2921377be9776a5714d55833e928ddb
SHA1 177a4f0d04f257db5feb9f1501832940ac981787
SHA256 45c186be76de2ef735806ddd86dd63737e8f33712c14a0387d4f0f9a2d281b97
SHA512 c91acae311356715f6dba023c69472b3f5eb29cfbb2cce57f5e6f94e8f28fe918146b4438e339a27cf18f88eff372300c04b56ab4ad3505245b976e636b91035

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Crashpad\settings.dat

MD5 203440f050477bc50eb2a5f453ebae7b
SHA1 3704931ca9002915ef32797710d394893de52338
SHA256 fe24752fcdadb0493a4d72e29f79cdebff2c45c6824c71a8431b0e7aef1075af
SHA512 a3ce00eab2a86619d2edf2b7ce197b9bb659b844fe12a64118578a4d7e27474c3776e4c20b8264ec0a7fdfa908e514530340b4a70f8ceeb07bfd499c191964e7

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Preferences

MD5 02361e4a5f724ed7d178d888f012bf66
SHA1 683a308583b3db8833d5a1877814634ed45be0b6
SHA256 12733a96f72e19e671421c6a03d31c8bb5c0cbeab9bf83d115741cc5c9883ad2
SHA512 1fc96e29c4358940a16114e4801c8af8a8ff80c4c74d92f5ecfb443d1a9eb5b4a438f9f1302a17f1c7abdb347ba79e35faeef87a9f57fda54f5995e4e17c03fa

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Default\Network\TransportSecurity

MD5 0cb483bc51a15607e236c49116e65c3a
SHA1 04152cf48a1e0938bf47a42e0b0bb9205cc8ca09
SHA256 19ce646f1bea4d0d936f649f98b9d674832f2e9e06cb63e7ef63a2dc45bad88a
SHA512 af559773bed7cf54bd87a7821d74f7ab6ffa6225416ef736e4ccbb6059bae43a152745537828fcd79577d476e5eda760b0147d4a17a8777ca5c717e6b136f460

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Subresource Filter\Indexed Rules\36\10.34.0.55\Ruleset Data

MD5 16176aa639f8d0bf6c1a823f9d973d8c
SHA1 f1f365a4705a3fcab04bc4aa8f080ed7ae2f372c
SHA256 75da3c6add63a83efb735ae0f1f4e6578607ea33187753b0f65f750a1ab0ab34
SHA512 d8711e8a2d417f1f9b81a13d04951420460d1be2dd0459916a3226f364b65cd77fc0feb4be22412df3da0a2433cd924df7d0684fab04a2c6cf3a6e9715ea9f84

C:\Users\Admin\AppData\Local\Roblox\RobloxStudio\WebView2\EBWebView\Local State

MD5 29c34c0c99bc06ecc4caf33f6c2c2a51
SHA1 eb79442799e455d8f878e83031a748c1d9d3c53d
SHA256 f1f56f65e7ab6f44718d75e3772f30cd346c12f7c9dd1cbb5ed721be551b93db
SHA512 9e4b105f8352d4de3e28eca833ae6869ac1f2ab915245408756441e44ae919871b5a2f71572f9bbf46413e46f0bca5a67818db90f08662511a8332d0b8c81808

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\b30e5c7f-37a8-4867-9512-dca04a1d5d2c.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ed7d82eb7f3be67bdbf5e561751e55af
SHA1 2b7afce07d3f6c8ae0ef5e8209aba3168ac139f9
SHA256 82bcb7ae198255c553174e7899d53833b6974ac4be444453a506685f215f1175
SHA512 7b049508cd0df2d7908a005176769998bc71ee57a78fb60139828966b701fd08b2313361a17dd241abe3fd3b7ab32c4a57c96748b0100082e302a0205c01b720

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 435e71ef91938a2cd42d8d867e575def
SHA1 ff2a7c7631fcf87fde778081abb62c60b7766104
SHA256 9485778d573a713f96fa77cf770dcbc29915058beb39396bd525af2f53c75560
SHA512 5c3f1d033260eb4c999ba1b343fb78738d4514b7e2c199ffb7e34887aa9e88b0e07b50a78d768be4c836b87b6ca883f351720482916d15fb753f3932a0f96a12

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6bcff648657bee4a6f4a912e2cf6f16e
SHA1 48ee548e53faf39804f5eb28e1538f271f1a7088
SHA256 d31b50c2acdb698a521464ff6d25af6fd5cc215dc380572b6b4c176b43f369be
SHA512 37e39ed94586cee27bb47c951d2d4cbc6512b80489117f045cbcf9ef8a3ea7140a22a1fe045f1a96530b09718b0844d3f6e47e9f44ea5d0aac82637d2e7a9ffe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 34b7b484019673f4e1e07ca602e8b6d3
SHA1 82c539abe29ccb291c5dc8da94f733b68b914635
SHA256 ac7172e662ca8ae16703174a4da5129f39ac005d19ec496a22115503add62769
SHA512 98fea4f5371109fe78e1d2a2a0c122b624a8697d8bd98b60482190e1bbec61a13010b31be4b7d511201bbfd71e9a0675c1d263e61b09e4e6afb873c2cc4bda32

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 156933d7cc478e47a7124d9073643b4f
SHA1 50cf70548e64c5c431b837208dd88deaa2efa33d
SHA256 d27b3d17b5fb04a5f33a13aff861af24306e529668a9e65d1874ce205fcaf74a
SHA512 41466079155bc827b68c8692d33935766ae0a17bd2f044d5f85ddeef9c8022c5bc75a23a34e7eec86387eeacbbb021e5768332d73f4808196fc428dfc3562225

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 6944833fbd082444fc256315b1af5e3f
SHA1 b57e09465e077e791f5d3a51ea8527c5be71ebd0
SHA256 ccb3a9ca67e3be904f3c04e5647e77b9118c045e50c7b9ebdb11c051805add39
SHA512 0345de1443bcd812883eff6090ff6f7355b6c2477a5c1aba9c325cc64ffd7a36b94e31bad17d431684d4e56d54e09e7a242a8654fa44415727e9dba481222397

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ad1922304ea493182b7454bab8d09e19
SHA1 e1ecda3f25b44dce47c0af17e0184c9c111f6f7a
SHA256 dc45b61877873797479ba8a042f6c8ca5f7f4e77897352cf8acff3800c2aea3b
SHA512 602604c057d88e2976e2c80ec253385a33c95df15228bea317d5a7b843d16d28c1228b10515f4454c58c42867996d0459cb872bb603b3dbdd5c40db54eb7f4b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5f8c2dacce9e8d0f0d3db0c98e12fa38
SHA1 d2df9bff83e9f96d9d59cbca0e4abfc0d5d38bc5
SHA256 46a929bca32a0f5af14339d3bbebd9f163113d84cfe3883ce6bf8b672ad8ad65
SHA512 7e98aa260541a138f24788c7a7366603cc3d468dea4af6697a6f4c9b59f0370e4c023bbbde147602d4a3e0a01da483d62274c9a2ea14c4e129f94d521ad8fa37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 36c41fbb2145baf44d8ad41a555fcdb3
SHA1 0f0f890be1ace7b0d6a594ee646bba0ab4a47b2c
SHA256 3901bbceb1d6116f5c20d1e7cc9056d5cdbebdede8229bc9d9c2b6e21d24f095
SHA512 8220d0cf430602c4802986a6d7c30d4dc919820cdef090dcbd8960e7569c0b6e21056615b94de08d05de17736b0c9ec8861a2d8333deaa02de55b4b47ff52852

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 32eb50c4738e8948f54879d7ba029754
SHA1 c43d7bbefcacb71eb804a5152d115bb087a55f63
SHA256 846afb2da357f06a8fc6b480e22ae6c79def98bcc88433420228056573e0bd2a
SHA512 b7ae9e381ab7a0843361d84011ddf7f1b0faf239d67bd46b72ebc66a5ec5c1d633da241f4331da2d7ba8e9e0c065e06ba725b6835c690eae7eeca88c66d7cc12

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1353c854344ed4361a9d26e9b161bab3
SHA1 e6f47dee867c1c0d3eaeeb805bbc24ca39eca332
SHA256 042843d9cf15f9e0c6857c03edab8a00a23ce7f2354a376ef5d2de2a410e9d4a
SHA512 76a10ec13af7574b8cf5e7991c567b753838a5898f3b56bcfd94876f2ed2afc3238c54360d460e5b8c35e1836719c9ce6ab0dc075a7cdb61eb7d180374f95d51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6ed05fcb4788c62a6bf0118b759be883
SHA1 deddb0836d24d6a7a464af0cc5d0f9e7be820e7e
SHA256 3f43cff2716b203c26748b006297a6b9864661237f1a9a3d7450e36488c51f5a
SHA512 8eb8100cfe0f1c08a1b96162f8b65ea7a2147e03354b29e2470dbad495158deb241363b2ec33b3f7bc0d520b392b4a6f703257940022b06fcc8b7898fd768d0c

C:\Users\Admin\Downloads\UABE-master.zip.crdownload

MD5 50e3d2b4502d4a3f5801a1a636792451
SHA1 8b361d3ee2a6bf98a5c0ff2cca7081438e98686e
SHA256 2af79c02b830a3d251ec112ae466ffd180dc598304cb51d52a2878a7c5d94ec1
SHA512 05ea222994b66fbabcc8e908a8dbdd1a29f1b28dbd6860bd6d8f46e23b1a2fb7ccdfc2fc961c2d9196f33d71fae07b84b0328a170b8972a40993707aef072484

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 13b7bb079712003ae4d4c1a8d0d76806
SHA1 37c2869b90f5dd5e56da5465303eaa18e46ff1c9
SHA256 9d4c04177c73448cccf9a1c7bb20b0a31f53e4d243fe5c21fd8a6704b6b4f326
SHA512 2a60725001e3603a932b95834dba759ccdd104cb7afc837e610cc06eb78d33a561197517d6bbb724f76a6306c57d0d9067cd41f7543952211f25311c761608ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a4ecc5205ee5fe99461d0251558270c1
SHA1 90aa140ee8d8ec5b3ed24d8d75d0ab3c58425171
SHA256 2180e99b38dcf8fac60abf50a5ab84202e56d90e404d79df4d01642782a1cdc2
SHA512 18ebfb987b3dc888a49e3b2b943012ffaa37bc1f66dadba38aca14bbaaabb3327035b107074cbdc0d40e2987bf1d774e69b138a4284c9ce51aa4d6a2df3b9830

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6b9d5808803591e16f5aeeeb99802db2
SHA1 29a05d0d969c89451556248a89f8118bb0b0a2ac
SHA256 0b5c8152ad4d6dea6b78ae9cc32d03d8e74eafd60a1dcbc88d51f8422b14bcf3
SHA512 01edd52ec1ce6886565f94fc145918bd13e9e1a9619b7cae7f165f59bf63f0701809dce9ddc70aea9d83fff1993e48d5946f3ed1b33bc4a8c711533f4055e0d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bbb00e2bcd6f0e9c1da30537074a06f1
SHA1 7c7508de0c0ea10e425acb48be982d7276cb6141
SHA256 e4391736386043018215aad6f7ebac83fd1d4804aa707c96bea7b6a45ebbbfd7
SHA512 7ad6c07ce0fd0b74c8eb937decefd9b19d6933c0ab7d8b53c162fec236e6742e9d1381213f453b9d91353ab1c4466dc8c2791eb2ace90b80817eeaa5fffd9cb8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8a1248118fcf6be37a04e278b84411f0
SHA1 953f20afaacaf54c0b2d5ef8b5c449f7387b58ef
SHA256 ad6408dc7937a5a11ac36ed043b469adf723ace9b7e220ecb3063df3f18e3ceb
SHA512 dc5caf9c9d4888cab2ce8b4448bb15a2c7d6a8da1b1a264a2ad4dd5abc0187b727febefd01c7cc9c312b5c80a853c51d797ffeecece699ab399d8c93bb3f4917

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1750998e0d7a56b37c837db131efe083
SHA1 258b692a84b32fb7a0e52be81d37389ff3236741
SHA256 521794ef69c715ea33edc5cdf4a50d2ef4ef214fdefc6bc714c19d53a01de0da
SHA512 81403ac0eefc5b8a42da6f0322080666266eb62761b36c8c61271d96de935bdc2ec47aa5c67b3a47f27db5e234a541da19e32ea1b7b73961ad7cc9b9f5eb4bcc

C:\Users\Admin\Downloads\AssetBundleExtractor_3.0beta1_64bit.zip.crdownload

MD5 094474d391d64d5400d89fbe22cd77b4
SHA1 979eb588cb498cf5ac4c771d141fafe4ba44af3c
SHA256 803384cfd183884a81fbb077d109b76c9a1dddbe512e4398988c8de81ca270a2
SHA512 fdf9e27f47617adc71b55f0fded6ca7a40f419ef49407d9373d51bbdd1f8adeb5e6005c05479b542be0c0807ed5808ad7c924b23e76d302444508c4e813f74d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b30fb44c3af38eeb6620630559d06c1c
SHA1 4b3d637fbc5b7540e16f47974a17f701bedcaf43
SHA256 f87fdb3b0b6322d8b37b62e89eeffb156ef27fa718c2670353c12a910625a652
SHA512 685e5a2c5c4e2b72fd6d880600a9f2f5d985a7f2b69bb8e6ece7fd1303909a5c68512ef46f97c892d32f75b9804469a7b6624f4ac543da055ed775bb8c113d56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e0f1e497379a9acc202e85678f112dac
SHA1 a41ea7833297d698c76e6fea3d0786178c919786
SHA256 77b86ee2cc37f3b68093f04401ff1c30dee5a5668d7e02c96e4ab4616c2700e7
SHA512 d2013adcf857467686367fea3850188efdeaf5b8f914e8779641228110c4b8ed1ecdf83e90d692637b7d3b2cc5ebb1acf5421256adc3de417733950cf8268e04

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2dfafe82b31172fd7de9dd2c91c344f7
SHA1 85a8633e60dd48ca43a8ba329e6992da971ddac4
SHA256 bd7976f5a45c18621df145c748bc4c183abbea1dfd87962e06d261a03d66e60b
SHA512 d04afb6bfb271a74ac4df1382824673dff5cd37c08f02b4b20ed664e5509c1029146af320535197520289930475507427cc4ea7b728bc9991245cef9bdd4756c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4a2e3ea1c14dd5a328749f63967dafc3
SHA1 11928827faa140e8dcc1f6048f549cd8eb9df18a
SHA256 2e4cbe0d2b73dd41e0daf0412ba87f99c160519d070b68f7544179bf7a105094
SHA512 15756caed1cee808e4df369a3871dceab22ec72656fba55681a69ca09bee36c52ffb9155e4cb12b597447d7955f917d8068bcff9045bbd71629189d21ff86a2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3306bf2f91a4aa4bd1eb2e496600f7f5
SHA1 ba4a00519cc7e7646ffe3b409bd55414b1f57f35
SHA256 72abdae6c261f4c0ca931a30784095ce50b86f1036c663e586310dfe26310fa2
SHA512 90536d250b9f385a26d7d7c233673dd249c7b08cffc0e9c4215e974e27368b9064a2d1731bb28bf059fbb872ac3bb26002b52abbaa2b32570f5b808ddd4e4979

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1256cbd161ac0c7d9d2a77063b0aa19f
SHA1 52223e46af7b1b3cbfb796c757524b521ea7cd9f
SHA256 254fe423e1c19cfdc8513e7523c6b582c2357c497ca2d559e0f155fad90adb8a
SHA512 3b2093b7a1d868e484e0f80e9bcac858d28884609e494c60a8ac4db97629643f0579474da6b66aadf8237b8036128458808aa78fb502c5bf7a8a6ce5021b2f2c

C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{02818B75-23D5-4B5A-A080-6767F532FA25}\EDGEMITMP_76704.tmp\SETUP.EX_

MD5 4c9d6f28d890abf84c521aba32b8339e
SHA1 3ae501680d971e15aea406cb572c28e39b73fda9
SHA256 2e5ea05380be6baa080cbd7621764b999381d6fa4bff0af1dd067c0193e51f6e
SHA512 f7c11234285a119e3705c72ca1511c35ef76c9775061f7e1a8f498d02bd38578be8db25f0be6b6f37434273aa230aac470d7011c65a8fe1db3feed45d0365717

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d5a110659fdfea898256b952e63b0039
SHA1 18bf90205011c3397d322daaaf2fdd168acd6bef
SHA256 4f466a0f987913aeb92f28bc5a536ba5ddb45336b7214b50f77ddf2eff75ceb7
SHA512 5e1efdf1e936895f5462ad5150f701ee8fcc2ba7efc99c9df47b76bfe0112d953a2b0e0eb85a221f3d2aa6af4de6fbfe23ef0a64d0515580669a49b66e5170bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cfa07ee19bb956e84a498d918ceeecb6
SHA1 e467bd7e028482c88ae6b26e9e77619b9e253178
SHA256 3cc5eef7918cdbb33b7db4b4ed605b732f9c0a56e4355509a6525bedf7f14d33
SHA512 7f7b0be419b500c9dfb280bdc91f7f5ad1c6cd600f2b893e59b67a9a936fa1083ff11491dfaf16d91c5797b3f2160ab695907d1fe95f4864e6315a83a61693b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a04412bb2562baa90a69fa8d64c3fd03
SHA1 d6b6b85da44abe0fe5a73809fe6769da9d472d15
SHA256 761cba5f8a9d1aa6254542f4f6752e3a6ff73fa03fabc6d679e8ec32be0066b0
SHA512 79058941960dbda1608b1e16b50a2622592da28eadf054f8ec04da26dcdf17dc99e69f057f7d1fdb15d6c49b8129bf50826027af1be652e1280544601e7f9ae6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cca273615f03b8b4650fba080d7d1394
SHA1 b37b1cda3d5836c485d67c326c9917ce947142e8
SHA256 9d06b8bc39d2e43f4ebd852ca963240ed6819a31dcec4b9765b08b80e1757861
SHA512 9ad31aff57b50fb53e0e29088737cb3a1bffba4ef41eed439c0350bd119b7717c85535346695a5c7af12fd8bfd4d9337f086b7221aa7be5274adca73c3c86531

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 405dd156f0b697f2d0702afedb827b80
SHA1 41e7bd95b48a39edd67e751abf94c92b6617271a
SHA256 a764eb30b54d11ded5b23807bca8dee0a2a36b921de032d8923b11b5eb835e77
SHA512 981f35b0c8c9261a4ad7c6c4cf01c5e062f510c7e58affeea3d541510a8bff28f124a0a0142ced89502b4540b50161d201e61a5a0ba08b7504cb6560f5627d4b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8e1c1fec8c7a34c0a44f1e935fb63f78
SHA1 f22bc3c874aeb42cee8835e1dcd6a3fa76998091
SHA256 e6910509d83edf1f4ffcfc5ec24f3e4d9057f87e44b7998e2d7eba23ac179fc0
SHA512 2d78ab9dccc0498a7fdfbe6062bcb7f12a8c72a991e82f477363474814a66b15c04477d35142a95fa0c5899c4d1afc2cb5444054132cc4f3bca1f0ee034a99ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9be51fd98ed849cd0b30d91cfb95d35c
SHA1 68fd8a5e91fba7b5f227cf518bc78a3d2355497d
SHA256 7d4ace478241e2986223cab940fbc8d4988b9be26e8ccd92942ba0d91dd3f390
SHA512 d8b40b34fd00e3a4054b04a9baef7eaebe2978820300ed95dec3c0c6c4e5145de34b3533425432735346412ee47030c82bd1180eea53e63ff872415c840e44ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9870f222928964f067f6b90ce6546823
SHA1 0333a1b8e8d2c074aa3b95ebbe03c3a68f6ddd53
SHA256 69cff55e79fa44f082c5c24cf791b45eb407137e00dc0cf1ef3311454330a43a
SHA512 dd015f5f6cafb23ddf2e0654efb3100c66d5988c0b59c9321828c8a220972792e15a0e7ffe7e2480857a414f6056a7ba3c725f77b20e0270960a86305bf0ed7c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_apkpure.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ddacbca725c879fa745a15cd0397b305
SHA1 c3855b2b9cb1d5b2fdd4bd5961183602ad4092de
SHA256 4798280678413d41b8c0668a1486d552bde4330de721482766239dd3414a1f61
SHA512 3d8c0b5edf3cd8a714aabbc0f005dad7c762f903dfd70dcae79d70bd707a26943e0c4e4707d612a317acb78eaff03080ad29f06d1630de1b982ed1edf9cfb3d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 75a170d2cd91a5bcca8ca4d6b68876e4
SHA1 7f0b31177c6aeff865721d8ee5e9d78ed5e7c271
SHA256 e95f2ef39f496a509abf16fad4176b192cd45b1a4b9cc64f6a360d56ce2012c5
SHA512 b281b8d0b12088ceb85b240951b06cd7704df3e5dc70e8d99ffd08495415b3de6f89209fe47fa4698147b7a9cf7609db6234bfb2f466d2bbdafc4d42743a410e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 57d162a016529d6bd89e7c6f60d42aec
SHA1 8a2f9f1b44f951fa113c227dd183bbe7a83aa059
SHA256 9e4e65153de7e06b6f38e6da3eb0d2b6c3b086ca1dc38951db82824cd552f6c2
SHA512 27fd98bcd5eee343558c873adb33b3ed5db7fc9f24d63a6bc5cb3752be9d649f262646bf1d2fac4e7d298b744001342a494ba6585b5057005eb39ac929e5f30e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5d42d40efa5ad7f94545527f39c0aaa4
SHA1 c6a7211f9fe8d4d99b49672660b0d7bd618937ef
SHA256 c672a3f425f4fc67fde34fb0c42b3a6de112a205a597e1970c7cbfa0b15fcac3
SHA512 7493fe3a8c00323b10f547e9b9f1dc24cab4839c0c0d9a4f4bbb7649103d87dc8e9874b2bf87e85bba682442d583a72732f41bd193e2f22735df038a2bf29110

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 7ad49340486ccae48c4075055c4ec0d6
SHA1 77d5a2848c060e6a312f4b337d6392681c8d1800
SHA256 7abfcbfd804e29ae776241254216711f702d1930fbe5f4c94f89873f720d1134
SHA512 6052310398496fbbd010db27594c4f9328e2789e3cff79180d639af36418861ca49556d59f62f432dfbdaccc69c237bb15137e58334125b67c6bd8d3e41bb728

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d3390510901209a554a8593472c0f66b
SHA1 ee85bdbf3834bc99f97692a5fde81cd1a58253cd
SHA256 e68268e829219bf171416954235fb12e1432a42411191480af681d1f08a64403
SHA512 55c52f6797eda8f1ed85ad5944973fd64c0213ad0ddca7d05b0864110ce5622822c44435dc58aa293dae1c73a8c81e2fc111a371525ec9d024bdffeca3bf6580

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ac45eccc6e153f025b3f6b496e499cda
SHA1 11e91ac25c75b0d1be29d0d97525cb6c834ab016
SHA256 fa0734a9ad9134e875e553dd92c90a29f248cc2be56e47416c7468a52b8dbdf5
SHA512 4e6b6841de028fa808ada0b647b6044e044d6b570642141333969c7928490565d296ed787e19b3c0e0e3c62bbccc61f1e4f42cf8b9e0e1271f1d35972bd2daab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

MD5 c8e69fc65287045e4f083a6bcd40b8e0
SHA1 fa3a37740705510fe08c3b286ea9a81e2e4bb04d
SHA256 bffefe5f48974eeda69bb6a53127b10ee8244ba7f9dd4a925f2f2c1bde189db0
SHA512 2735de34b5292413834fce2025fc05cd3cbdca4821243495cedc7127432f8bceb794fac4410f610f74aea4c3f8d14660841c96c926bb4ef80c79b112aecf571a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026

MD5 77bd9e2ebfa2a176f6de0bf5b917f38e
SHA1 48760348561ba155c5a57bb4e1ac7fdf79372dbf
SHA256 1193425683b027058dc98df4952ba744683848318dc4dcfad5e5f667d96dc2b0
SHA512 1a9f85ca1af311b5acbd331947f0c23fa94b3809ecdc9d354fc0a95f665bee8c5d492e8508bbf906a885cf70769c5339f59da964b0e34a8c76ee7699b2d3479a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

MD5 f52d27ff6c5612ef66841125de290c9e
SHA1 6b84a74a679bc97033a834b95c55e4b49cc706d4
SHA256 bf3019f08243214df29380557f72ab8149f38b405785a90063249eef62e88d46
SHA512 a672845d7d557d60297ccccb6e5712eb72038761c51c3fce5538ab94d6c34d7d01222fc446edd1da0a3f6c7a44352302f791bbdd02a7081ec9b11c07c9aa1989

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027

MD5 2640ddc532872bdf032cfb99ae0e2bef
SHA1 094cecd175db3744938184fbd357b6d54ecb9b53
SHA256 3320c8d0d3ff8fa60ad87e0a2ca6bedc8f469854686ece173732b1abd4aaa873
SHA512 9a62178ec29d57136ec4d38fa5f4007fbe6c2773c13af937251d57696290dbd6e6edaccab0a2c829f221bb37038b9fd81c60dd030d6b3c50de3fe0fdc6823403

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

MD5 3fe5438ae1cc0986ca4fba339cb5f2c0
SHA1 fb38ddf2a763ca95166c53a91a576f036197327e
SHA256 d5eeae2f90455630eaac2777f4ebe95354e9247c69230a107ebf34846ef1c818
SHA512 33e1a809cf994340b87a9b52f4d80d340e0146f00667565c31603514ae2c2ce4977414174af159690490836ff204a92deb13a23620d2d3313382d8fdca964ee4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

MD5 0bc5de18d1fb82dc6d36cec23e52d2c6
SHA1 416260a7af809d024cfab422c6297f2002888e7d
SHA256 5bba4ca37ba38a70e330dc20736d01f5197d998d0a851617f8f9c84778091c03
SHA512 af73e113c5093c618aadc2d39b909da7db553f83108bb2e40ec02df8929d4a6a1b83051eef3f1ac41493487e2edb4e6dacef996b79d20c5dc6813db471bc98f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 87ab1faca0746a9d86a1b113f2bb26c4
SHA1 f71b8eafd1e8f2dca5e9615555fdc3e9c2cb2455
SHA256 8622c554d4dbcf8070ba0641ecf3664faa5e027cbb489398506ece3e8cbf9840
SHA512 3122bd15171158d456644019375e808c601376b6be9a44a82b2023689555c4cf4cd31b55615f2410070bab307fad830ed7683834cbecc7eda80a095dbc8d473e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 6045619e3244a6f9fb962a7e3fb8b621
SHA1 2e63d76f9bf2ff9559aa570325ef11ed5e7bde38
SHA256 05361eb2b37be5e46251e042e56c27c71e4c00d4eddbe2ed5a5a80304d5d0bc2
SHA512 a0e398f4fed0338865c435a85fa0717c2cecb3c892eb4da0c53a3a661f9a47ec0b84c745b966e3fd88d3d8c53cc798fa77029bf2a4ce19c3216280461a9291d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4a3e79296593dedddb20d339da557d0e
SHA1 1efcbbbcfd60ac3947d1addcdee5189a02de42d0
SHA256 c49c34701d2c2da259f25b82cfeb6c01000b1e314bcea26d38d70203415d70c8
SHA512 a55b57fac8f0659777f3318cb4072e190716f7f9892627beae4d65dbc140fc4d361cde8c739bf1dc83b7d50310edf953aaa5272baea2884394da25601f347f53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 282064b7143c80d51deead1071a1dae2
SHA1 a5e7814f6f86fb87247f2cffdc4bf18a651d3dfa
SHA256 390ceec1d1a3b1569ebdd7395ab60c0ebff539f87b97b8c09288e747309159a9
SHA512 26e4bc53d894376e976dd078dbce41aee3889b289639879043490f1ad6ff23a9d93f1f46a521dcbfafc80870bcb9bbd0d5ee5b1aaa8cc3ba75d00fde9eb5287e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 bea6aa2885dd08a491b44423c4ab3a57
SHA1 030edb2a59a0757cafa4a71329791ca9d755c775
SHA256 cbe4216a4195ce267b0dff564503fb975e3fb7ad3a867d3205189bffc567c9b3
SHA512 c81da93c404bb8cfa1895fe10d8b187b735d84118b3688b5dc0b337e1530cfe122913d6b02e977557e952529355c7000523f6df239a720e9eb8b9528b7600be2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 85f05f53ab91fbe1d1c46d74a83a8a46
SHA1 665a50f8eabc8ec8e11550331ab3fd8874406fab
SHA256 3a9d45fbb43d7ee10adaf1232159ac98f4606efe6e979bc0243aa976286bbd16
SHA512 ae8bb3a5092052f84481ead01f13bbf890375d5e0038d9ae051277227dc57f21c517668f0e6d8951f177f59032e6e87efc870d7eb97226a254c1876fa2bddf8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 caea67f3a6c292a83d44be16655f2db5
SHA1 115edfd28efb7586c013d1ffdf9d3c7f99ae6872
SHA256 a79aa8ad34620aaf85f51e87ff8d22b4bf999273159e793645796dd7d6436cb5
SHA512 71a6863ea8a3d796f7ddd6abde8c70a1b88b1d3d91ee1f5ce3013b9fe1059b9ef8350a1fb6a0d2f1d2b634efaeafb0c73c7a7e4b72d671cbae15325db5663cc0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 741170dc6ad7f3376254c751bcc4cde8
SHA1 ebb4e2128f6063aad9d56f66fe56062f4b7e938d
SHA256 1021054836d3f87e280f07845bb15fca8601dcc18198be727e299b4f2860f2f6
SHA512 5c1097a94576e756a681f095bd583857dba9f82ce255b2f242d8bf124684d074c9d42f45e09a2047ae7b9597b43eeb87578054774b2ee31e66e7672de3e0975d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fb3322b872acbb10a4c6c047221eb0bc
SHA1 8f163f166480ec0d8b0d5ae787f18c169ffbe94e
SHA256 6570fd5896b872baa8e992f9688cd40a546abeb0f69c38f4959308d65fefb097
SHA512 6dfec4c96392a523a48cdeeaf67b90a563b9f949958f9e64b30198dfa29048ba497b8b7c74acbd637cd87032643ca0262a0d9c757e81bc6f6ee5a9687d8f8b4a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9f0332655033e15cd44e7d14435c3e9f
SHA1 6537c4e1544fffade409a12e9d6d7e8296b482f8
SHA256 0fb39778f5b912dd362c098ac57a618bfedb201d39fa720cf36edfde6cd6964a
SHA512 8cb9bad252ca6fa7418b04f52b330244ce62cbaa8468c2da3474845f944739574cbd05c8f6e18d4d1ba5572e3099fbb1e8b816a601a792e7390aaccb69a3b4d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 7a7ec6a7208b94c6dce83869cab11721
SHA1 797b877c620de7f8d256a0a053a0e43f2de97791
SHA256 02e443df66dd2b53029b1fef3b8b4b62676548636443020f4477407dea8e8ff6
SHA512 199bc394881057f13e84d804d2a3d2b96b86cb4a790df9f668950e371b32ac087ca79dd30e51aa50accdc22b7f942c64db63dcc4096f074aaf88c622673386da

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 67a38552817eaa36dff599dcaab31789
SHA1 5b94ed991674c9a7ed36525ed794457958269afe
SHA256 a563bed8e9c5e6a1ea716e7ee671b5abd71ed0691a027fd3b5998f0fff841ed3
SHA512 9101fb22eb111a82184bb7648547460c40f53127ef666bb5e05ed107c6e4b3349aba351ddbed6f3d559070de806b55367114c9768401be6b4a834c71e9d6f380

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0

MD5 55879cc077a1a47840d5b90797ec30ff
SHA1 bc525d2e7b3803a4c910fab2ef7f24aaf0989650
SHA256 8cfe3684521ce445d3581a74da995fc0774662222a48aa86a9d66ba55f0627d1
SHA512 3a63f5e05b258d376926cca87ced291630424eb7a10e6a6d6456093abfc0e6e1969f272546f2fbfc4cff71aa6c46a0ff03e083923eccd01c59912b88578c0511

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

MD5 eca4284118a32b97d2807a8c5abd6c95
SHA1 af677603b56e4a61d24eb8a770264da836360333
SHA256 5de9d0c886cc6e88494567eeb84154be437255efd46c95daff67aaa062088291
SHA512 69698dd79ce29a2d9a0c02950f91f0daf368cdf724b694e0a4c0dddc2c6692c5258a135f6974b9048a53f7284707231a38b6fd433bf93dd5f49e1cddb457d9a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

MD5 69ef5389fdbe26f86ba6ed9d20ddec02
SHA1 222b3a136480b68e7147ce28642874d9320a7da8
SHA256 1b66479ce70cd636e1cb46c5a96145e0b84e929ecf5eabac9c47fcfdeba9fe1f
SHA512 bb60894ec7b17a32728aa08f15bf578e4ccda774be3f5c01f907fce99e8aff63831a3a823c3973d2a43f6083cf14a8d7742633373300b3630806326ac43359f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002f

MD5 0847f502f3670eeee3c2b5cd93c8db94
SHA1 984881be882fea76d390d373222c08f34cc7a31b
SHA256 bede435865df71b9152966ba6e550b07ae481f795dd2b69063add1e99bf6c23d
SHA512 2eadbe0158bb6a8c19016cd5fee52c4efefc3ae2e8655c16300cd449f1774ee875594c6f7826ac7c4c9dfe215a5c9acafdcb68b8bffa00a70468598aa3b46c0c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0

MD5 aa416c7ae1aab0c80422b360767a5840
SHA1 b4076f94bf9a618fba876b0ebd3afc67a55d35c9
SHA256 0e876c681381a507a32ba4fc2c0457d700011a6c6a3328ccf5a5ec2c4ed9c001
SHA512 bf33865523f5601265297868fc27406bf43c9ec63c5ee4d856e2077a28e2d2c2b5e82e1bdc9785247eeb0099a0429a2f2505a4d6f7ce41c58c0290990f7b39d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_1

MD5 22f0d531bcaad29406508e9fbbcc4744
SHA1 27bbb5585a473c5828c634c8e7f2fc7ec31f122e
SHA256 a30a2d9bfe85239159e25d6b678b367fcf4543ecffc2b6e19306447b73ec4874
SHA512 f18af68c262843871e5c5c9de4492030ea5bbc235c009048d2abf77f1451ea2411609ce3aa07d6702d1fe285d19b3345949c37a12fd5532b98b98a4dbff538a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 be11b04f1ec75263c491b4fc1f92dde2
SHA1 46337e2c4564fc2bd753e4dedd7fa5a5923a2258
SHA256 b01f7b4fb0110ef4a14054e0e8382620077ecff93b229adc24c552bfb07868ea
SHA512 1b0129027a69b28590e85114ffcd2ac4c0883f102688f16c33b2a0c7e068cde154aac289c95fefabaeba8b15e951f496cf6c96752b54b6c7c32c76a4a5248e89

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 306bb404c85d143840379db2e94b9476
SHA1 ac39b3fa6059561b528e6bc4459fbb1d8cf8c327
SHA256 c821618a71323c91ce50d288bcea823ab507ff4dd8ad067bc4b136fa920b0e1c
SHA512 76813608b8e551af414ab1740bcbeef04f198a36afb3302c12846cc4ccecb7e5ae816c26cb0b41f3ac24cddf835c316403e39b2e956bd300a7d9a454c4b3f5f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 7b3a3463499af148b23b3e5450ee3a7f
SHA1 ac6068796f3dccfc2d6839d118954eead8561b31
SHA256 b0e5b6577c72c90aaab9a1a3eaa1172758adba916846a1e0e28a5020518291b5
SHA512 dd646cbdf833c07ec10ea2219858c70284cbeb32272c328281a3963af585b4c3264435485fab5b7f364cf87b39fa760cf57efee25dca716097ca93de03607cb4

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\AC\BackgroundTransferApi\f8044cfa-2495-4f30-b14e-f55d3a813c61.down_data

MD5 5683c0028832cae4ef93ca39c8ac5029
SHA1 248755e4e1db552e0b6f8651b04ca6d1b31a86fb
SHA256 855abd360d8a8d6974eba92b70cbd09ce519bc8773439993f9ab37cb6847309e
SHA512 aba434bd29be191c823b02ea9b639beb10647bbe7759bbffdaa790dfb1ec2c58d74c525ef11aacda209e4effe322d1d3a07b115446c8914b07a3bce4d8a0e2c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c8a2679aca491341ff92264eb3d0d89b
SHA1 7d5f4fb5543b48b6df0985b7c7f8791d8d9a0e75
SHA256 8bbbd09396e75bd098dfdd6cd6b3cc554addf87babee421a6e79a046fb82493a
SHA512 8f766239a0e36468bd10be7f2652103c9ff5f834331d5d2ff5a153670d9f340bde81754e711b11994ae84ce0cd6ca6d02782d7876c33917b96dacac34bb83b0f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c23f8c129c56a38a9b9d0fa3e5a0ccd4
SHA1 d62adefe4774e0e505647b5fd8c7753b7e08c4f2
SHA256 6309dcaeb262d32479987c559620a502d2da3bc796e7816cbcf8c4c95518808f
SHA512 3033d8b89a285bf64748fe1ceffa6ff3b1ed4eeff1eba4930386a8e0780387a37c3a835d4dc065185702c791416e4ee9cb2b1f0fef1752f69e59da0fea56d447

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 49ef9fcf82a653e8044a66fe9e39e8d4
SHA1 51d99c947bc4ed636870e3a5f4276b6db3fbf609
SHA256 7dbf8683a18b0f4ddc2ca5eff8fbc8133b6aa967999650b5c2c1c0ca63a86c5c
SHA512 2f9d527a33472929b7b584cd6150f907b2755e0bb23d797f2f9d5ca2e19841a2df6d0a2772514ed6b6ac79cefca680a2f3d497c85a05f09ba49aa6d85dd7aa75

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6336afa3eaa5f9aea819a94931db28a2
SHA1 51fabba73ea50804a2ee4f0d780ee6991be00921
SHA256 9d50cc61594ac043c61db5623a615a6dbfc4ce99fe09358de189817571252dfd
SHA512 00a99e0c211c4f089c2618f69e169de16194b8f16ed8de406f044a36aa528e65833a57c5dee9e5831ad67e01b2b33cdfb1711ba96f0b77ec8580add9a16e37f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c3ba4bbec1880ea476102cbb0cc3bcc9
SHA1 6c2eb44887d5737de7df486da0749638920b0d20
SHA256 9848336e133a1abaaea9877caf49f020b46ccdab2ab0c22ae923e6c56fb27811
SHA512 c07c293f2635f7ea87b75129d1b01a3f7bbfca5f3e98c39d43848da9a799b33857ca12ad7068d1c5708b28ec904cc65d54e00aaaac17fa783de310ce5efb4f3d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5d6b45b6e0d9e840d343d2388d5d36e4
SHA1 2733fdfa26823dc08871f06e71e7bef4ce69a41e
SHA256 f11af5d25c06332c155756658946f10719668fc65183bbbdc657601ff62319e0
SHA512 95dca4aadd467f035827efa13710c5a5356eaa060f7c2ef2297091db90def9790e1dd274667fe945008d2639ed9d53a39a37ebba2b83ba6b6fb35e9ca370ce82

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b0e7dcb7439c264aa33f70e70366bbf5
SHA1 f9c642949b3d481f9b31a803346e2c1c23ca88af
SHA256 a493c405d1f6357ed03848f0879a8a2edad05c85a17f8116e5c17615488b269e
SHA512 885d7e05b56a1e7a56b5a1ae6db3ea3c583989f1e61e7a6ff24415ff5f3430a389aa963e72c266190ee16b03dff02f0fd405c101511006e2768db2c81cff5466

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 5c7f65795842be50d035798d528af7af
SHA1 116fbaa3bdad6fb86751247ea71b04ec6dea502f
SHA256 4964d396c5115653af9e39ac6e44a546497763bfcb28f9841dc4188df5bcc8d9
SHA512 3834c74b7f80b3a00c66b61c1f167a9182c8a2f87531844e0eaa8e614bce4f25d7dc4b33a38a61dc3b4796e170ed92a23ccb539e87ca8edf76a434079bdfbe1e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0eab54268b87cd36c1d762eb4755743b
SHA1 d458aa3ad11119fdbfd7b40c2aeaa90a0cd79b51
SHA256 bbfbc30c9bddf1a65af3bcbfbd1348654ba2c56e15e1c30741ff2019158bf3a9
SHA512 56f93228166bf8ca5940a3d5c7421024a5eba15bd846289e5ac2c634c62cfe252c50c53a6bbd777dc33ff8005e67f520a3a207dd8ff1000479dd9179efb547c6

C:\Users\Admin\Downloads\Simple Sandbox 2_1.8.11_APKPure.xapk.crdownload

MD5 6a61bbd3f6f726b4a7fb57847e278bf7
SHA1 48ae82664be658b2ac73966a40f4328108940ba5
SHA256 033e50f6b67444c16d2aeec642b23e2660f12910900be83c14354e5f6063e367
SHA512 52975e431df5d2272a590facdb94877fb24303c40db16f8549f6ce9296a566634f3d172a59a0119a4ebce59ced6fa0997895e2cf20a8c8be9cbf2375db9ebf51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ab48422ca5d772b92fe064c50e9c7f3f
SHA1 b934f0df3a680bcc18c9ec26352af0e9a880e16f
SHA256 8987dc5725a1fc290ce6458239cfa44ea1f4a1f2700b9a4c4d2d3bf33eb9ebb0
SHA512 c361e30b4c61a37932c11e8a9a1d4e40749518840220a3d2479c1cbeb0475f76db6f576d8eb0572dc1741c9f8400c428566d8759021adb5b3467511c6ffc2607

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c75ddfb83ce8408ed94784748e6101f3
SHA1 b57443d1af755abd1ee4dcd968e923932d8d4d3a
SHA256 f9caefe6279acbcea4bce933ada6f783a24184ada805c5498f2b99eb6b8fe272
SHA512 2dafffab44690aa26c4a4b37fc120ac5543b14270fc7c4092708e38fd47737b9f575a5c218de1009df8ea9641251e1fe9cadd1891ce3b5edb4295ba302b21c1e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f31e09841400bf95a5cbb2b38635a8de
SHA1 2537838b6cc5181de0de7f7ababe3d48e91945e8
SHA256 1082013a6ac7384e645d3eb80cafd3a0dbfc1b3ca264240c7df509b629f98b25
SHA512 680d5355926e8dfbf9bdcc8d855c1dc19fbb4d98d973965990dd6c424d76d359d22371a69403814edb24921d9ddb40284075c6134c1695fcf0e6a3390485a5f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6cc6b7652e25cfa3d4b1c0e69f9b3d44
SHA1 3c8bcfc401c67d3df3088c52aa576ba2ecafe128
SHA256 c0f8ab397fe4e43c2c0daba6445b1be7e1af91453b27794dba931368bd8d0bab
SHA512 4bc2555717c2ac54e9a3219e5d67821c53f360821dc27dbdf4984907644716a1d7353d4064dbcd72501df84ef446c471575b2927fa510c4e67cb2095f24cb326

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1f95766c8b09bd7a565fa3a08471ed28
SHA1 3da6b7224d60700b10953021b36dbeac737a75d3
SHA256 1363a11096ded34f76e397605a61bbf649322f96d8cb80bf0375d1cb486b2fc5
SHA512 279e2f1840c038fe975ea551727f61684abd6fcdb14bce5f77250e37619ddbb58deced6d22bc5724e69f5d06e3cca9a9691f455723c31161d2fe569102672867

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bffa2aaaa2a8ca34dde12a8571e6e644
SHA1 8cd1e9b1ff733f117392be7b3162c08c39c9f6fe
SHA256 e4722ccb9bb333db5ca7f25f2775f2c97df81e766f49a858b62eea5d3909c898
SHA512 30a0b4722cc9c388da0c87e03b0e4c09a97801b7c0f5972860928fa24492bae785578e44782516f014321dca2ac8cdbd71de864ca12315b5b48a77d519103199

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 47774b7f40618b78fa5654ccf5ff1e1c
SHA1 121394eee1e4f79c64a250b80ba4a5c4ab1f894c
SHA256 9dc8f3745066d310d833dfd4b3490e233d018e03a0b5a6bec0b82d7d6d99dc4d
SHA512 812c0d42111976af5b8c1037e56d29545d1725e33d6e13c6d2abbe14cf978d702a0980e85125c53849fc9de021c5b52f75e0dcee7e5204dce93882add63f7d03

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 29d4a53780b19ca0ded3cd54e93fd356
SHA1 1b51b1241bcbe3c331997da3312db824e8579006
SHA256 8b45c08b3ac56bfa9983a3ad55c28f57167da32fe8b582b3263c4544c6de0e3f
SHA512 2640b1f49143df3fb8f4b7c9eb7228dacce343a9775f99af0badbba2ca6fdfc8d09aabf8ef7326d258abc7167227fcae7abaea2ebfb63d22e0435f30f26c4a84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ec018837eea0645676f424fcd9fc51f1
SHA1 211e8185ecd4d76c6b068c31800ca0788d002eef
SHA256 0a179d54e279d6e375ceb0b1c7c8f1d8336b79a2486e366b70721d479c68d1bd
SHA512 2435768d9bbf0fa27c95bacff3e5e54941f90d12ee8c95b2a954329af5343100e830e93263127657027e6bad31eba593c0f33628e14def4f9f41a8c03cacdff3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0a65b4bb5ebe7e4fd81f5b9b9db2c02f
SHA1 f78bb1e4d08b72e056f48b6fa50acc8331621363
SHA256 9d210cbb3d39451d72e47c738f7d0b02811e34ce75e232bc3ec5ab2a133ae732
SHA512 6a5aedba3b240a318bf66a71b022ad178e82f071809c89f3e365cfc8d293ccbd800650ecb3ac8f0665e4d37b17f0c4e035b0339f17d40755a4222919a49ef083

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7d254334902cc8337b17229f66b02248
SHA1 a0c0b68c656ea7a5274e9cb86a15e84bab518b34
SHA256 41d8c28943ddb2a8b8e70f850b5409623822d53157f4a0d875ab61b7613d541a
SHA512 f89da54022ac155224d1c531a7bc35712a7da5809b30e1cbf632c34d9b5307f0deb0a01c37ca589e16303efc74fe6e702eb0f52eb4d2c287d01c559c9ac8aa26

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8008b9c667dd34a33174402232ca2e43
SHA1 f8fed845c08feb2a8fa5f934d32a992c52218d9a
SHA256 fcc139e21ab9d37945796a18a108f2cc9547cb742398dad03abc3f759041b368
SHA512 794bfc7121254b57fc30a89861d3945bbd08e36bd91e9145de4d78d5be1d8564696e352258f0e847a4a9f804bd0f0ce6467b8a5e449d5bda7c89f0de90498057

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ca017c887425fa4d1b6f499213c51a2b
SHA1 391e71f2c9d84e374adc326116abdf468b468065
SHA256 90d6069e7d8a1e6057ab2cbc201bdf2cb3695688888e11caa5d9addb7c9914d6
SHA512 e04d8661438e1c221a2d615065cb5b4e3e727c1d13934ac47f3136a23ac9210b34f902bd8667e1a66f13b70a30a382d194b339e3a0d0ea6b4adfc03abc4a112b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7bf00a3ab81e4e316160b2856c6f1eef
SHA1 a0a622688e191df13abe3085f09c2886d6ff39c5
SHA256 d4b017e36a6b23fdcd9f883d66de52917e86fcdee62130e19f31887bcd462a78
SHA512 0e3299ed13da6f4bdbea6f2e50d80b983c444862efaf7142f322f77b5b200cca8d65f1ef150f1cc35048a1ebf59427495531f7c25e38a3cdf75917c512cf2abd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 59826ef2eae1866fd0a3c5a4d14fdcb7
SHA1 c4a7561be33c92b3f6b3f7b33bebe95ab78c15ef
SHA256 8dc9c67681120af992b59b95c1c7bcf4ef422be583282c4ba40c7788f490f4a9
SHA512 5de4043ae9507562442bb641909edcf757a5e743c348b7d933d333092ef37ee21a4fae8752a8ae9c88aec6e40b713b547b15789a5a7929a0b39fbd4fcde22071

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f4523c7a92c3b738289e7fd43f3e5ea3
SHA1 b7fcd40b9e967d97d74fd6e99bbc56f7ba9e908e
SHA256 3580b18fccfe46b7f07d2da5286ce52a6eaebb7ff8343f04130ac8d80d680981
SHA512 b677a3c9eb5906e6bfefef0fb323e553acdb3300f376acf5725e1a2c729c1e2b5ebee22537bdde5942bf8073f85c27f81d8fabd3eb7ee9342de6e3baf6a2d039

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1f130b11c6ec75782eb2d05e3ae45b44
SHA1 36fa225e901defe2cac6c679b232b7d8ae7cb54d
SHA256 beaa0569fbf55d52e0dbf3b1ebfe1b7a7f813709bd7ec104f45e7d6969a62ebf
SHA512 82e5fb4de01dd2fe988225b04b735a345cfa3041e4b0e34b0b68b6c62f8c704eb731f63c656a6be20825c33c96e0d28b0bd9cb31a76f36d70fa91f9e3022dd79

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 80faca33e1aed369ad086cf19b7b68eb
SHA1 2011951ca54b97b4f74e9269ea22982c14b85a2b
SHA256 13f863f600347b7716a0321a18457506cdfcd80e02a999d614cbe47b27d6b455
SHA512 ad3750e9c58d31b5978cd190db7f984b3d44eab55c19ab440af9de71f3de63a6a61c164ddcb913c4912fd65be3977f997099a73b33236b64a7a8787c6c36abac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f20451d1ecd746eae50fca4232c78b0c
SHA1 a493e66bc6d599e84e6af8cd754060e5a0a93491
SHA256 c9a4bec9788a8e10c09013917c89261de9062ff3f7a126c5a48a741a2413d47b
SHA512 2dfc6cb31b78f4cf6b2e3141a203bc58b79f63758ce250781f3622d8aad23a898861ecb11495e609e57b66b3d2f030444d4ffc6da38fc57580e056ac78eff1fb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f7c3e4fea4739c5e8ee98f78af16a3f9
SHA1 e6e74fbd63a9b356505019dc482e6289878f6068
SHA256 e51058047f6b31fd8e2d66d2fa5e10dfa9d7abd8b752bee9fb360ae1e71c57dc
SHA512 93d7019f1ecaa1047715159de9632e19258e13328a1308bdb9a7758c56a7b34f6dfa08857542acc065c28e2a9b4bf35eb857c9b60df9889f08f39b3a7b879a87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 519b09d5e69b86015bdfe7ab82c07217
SHA1 81f54d20fb5a015bbaa88a8dc50c8b8a6975a673
SHA256 c7937911a5e845e7af7e37aee35e6e96d47bc4086b79b09102507df21a4e3db7
SHA512 0e75ed9e5e23e060c48e9bdf3c6cd2173d70a3cc0785e7d89cce0c665b93fe2d194f596691d45fdd85f55576bb82bc3d75bc753d37eec412668096224cf101fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7429dcf9bd0f13681a7bf11a9b38d8ed
SHA1 b0fbb22d28a0c8177de69b511dd05a0a67a582b9
SHA256 56e132d82abb339696301498673157d5e5366f6c51d13d05622f8214e5aa8085
SHA512 9d3c74e7e887ed8b6a31e350cca49e54dde6b729fe43d8f4fb0e9356ef6ba19126d42777684e4761bf0cb233ff5b899f32e9279d2a4c3d84432b2bc7e78a00cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 798240bfcd337aeab10d113acb627c19
SHA1 96fe0dbb5f790b675244a326a988b45547d46068
SHA256 feaf55f434e0fa9f5fb457e6e65c5d1dbef7f642b12519e649c6a1a36fe2826b
SHA512 f289f203a9206518102e74af94786f06d42eb5a64cf5f3d596c1803f785d582d5093fbc7e218666183f4dfed0036eb79d13f9b0a8d78afe5fd99e00282ccbe8e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5af9b4b4c11fef6d1e1f98e063203e96
SHA1 1d56cf01a0a65f191c3fbbfb7c43b3d5dcc3a369
SHA256 f29ece1fa4f3208f2dc3c6660be80c3895cc8510985112cde77c40108c4ef595
SHA512 304c4742cb418541518da70c40fb5185e3ae34fdf4c27b1411c15103d49ac371bcad37daa4255747ef774594064c2b123d02b8f5f1c30b4ef99b021b015e51f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fcb31d0597955f8c32daf6f2409e343f
SHA1 7f002699e0ee76590aacd3dab9422d1b92c70db0
SHA256 4d92c69315d908aae20dc4ec2108da18e972b577b83b44fd34b07026e78fb16d
SHA512 8df83a3ced74fe51b6eea1daaa5b58b49f5b8f781686432298e36aa37c1d9b55a212c007c0272e9c89a1d2b6a2f04d98c57f81c3d62ca3afb71d22a7c47f0390

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 aeb947d24f1cd9988f2364e28162d0a3
SHA1 2f9a738af33d8ae3df1b1d9bd9c9e46aaee14aa4
SHA256 39ec619788708986923c2e30cf516e98caf59f4a1a671df3cc4027da8a4dd603
SHA512 e60231bf911b2b6a8172be8e3fdcfbd3db39399858fce2c6d16ee89cd4240a4e021caf7c4a8544796070a1f4548a6233d4f201cd3b384aae79213a488bb9b118

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 56a75eda084454c7535a16785079248f
SHA1 3a1215f051b17eda6836273d4187154e6395ea68
SHA256 945e9efff04995b39ca410ffef50d94e2f4ece0be56b906fd272ea55fdb44d01
SHA512 22b1ed06ad69a1973a93a89fccda22ebc6da10ea9a0fd511108e28847b336ac56c787ea6f8b17cc277223ceabef0906937b3e815d1489b01eec5dee0bdd12d8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c791697005ed5e080c63efe0232196ab
SHA1 2c4cfb44d79500a20063bdd9dff3ff90e6b672e2
SHA256 7fd61d7942c03705e7a6a08b8a8840ad22977c4106e53e27fa5d6ff2c3a93f27
SHA512 0a77ffbf309c5801b7cc7ccffb601db972f4c014a50f9931ce7d773dcbccf54ba95c4bf7e9c2b8e3b525ecf487f065826b3639a8f859792d0b499605d39509c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ea501c0ea5dca84ca7ee2b2b94d13f79
SHA1 07afe615367a88a753f0c630f4d3db0ca021d3b2
SHA256 43a228837900fe33b1f5005757c51cfb8283f42625f96919fe4f4f530960aa45
SHA512 3b670293428ad86dc134ad19d378ec25accb9f817661614e43d8ff08c04b24cf3bd46c8ff87219e2102e0c55c67b56b3c6dd7a0bef9b484fc164f535668a24ac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2c768a22ae45eb5e671f2a33631f35af
SHA1 fc2149034ee0055c63e76e8502431823f0debfee
SHA256 e3d45c99384940b242d3b5d9c54f8589a5042f24a46c2ca2436460c7457f84bb
SHA512 227ce3a120d274af0bf08757d0986f1d96629bf3070d5acd9c012e80b40991043d96579d362b391fc2f4910e28da8215076f7bf7ef2c8932ce7c2674a4fc0988

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b0b14198319a19a90f3c291bda021c1d
SHA1 eab9e93ae87af0f4760b334ec21ca6d23d5a9034
SHA256 8839e137417aa5667eda017e22904d7c0faacc7bfe3013c9a996691a79dd3021
SHA512 f3a0967e093e68491be6a41402125c39e78c65f9bf3953be1cd53f5cc8cc14056aa882d4915bdae96a3f37bfbd760e3af31f0255c2e6850f008b7fca942516fb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 019ed6f386aab445613b0317f50f8c93
SHA1 3d4d71de9f3aa774307236b6123f07a63ff89848
SHA256 b7cc7589adeea32ed568461b38efd4ba0e67dc6e1300528e82e626258e008660
SHA512 21b52c4c6023b909a06ed06e9f03b1ec9486838425d268699b3f851d26f1e10b6d3104b93f7e56dece1e9dc132ee2de8d5a7f1653dee531a357b6c1398dedbda

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6e15f6acedbc77fb67b4ef9f5f6cdbe7
SHA1 adc7a6bd8da26c1e8bec306d251d2861ffc4474b
SHA256 f90670b051f2af2d3cfb4ba5b1f7d3875b88f845187665280c1f136aae14339d
SHA512 9216e18304d5a6e37afea22c44a8acac0124fe284cfe3cf02d5eca2f7d0676619fcbb3dd8c95d68faa2feec8c0aa30eae56c08969bb2034fe9ac73186e156e27

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5c6c2b962cef59d54d8a4367b7edead4
SHA1 6aacc94f0f025709e6e0c4df5e483ce5280bcf4f
SHA256 d85c538767a0549cdcbaf05d3b4929f02498fd39da75502f809bfba9c953eb29
SHA512 baca7a96d974ec76e333ddaae239eb33e4c3d72116bbb47aa4dfaca4db9305016737d23ae3ce4fa4e30d9f2693bd3a33d7bf210227e75cfbce3db2d725091edf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e2f77ecbdfc9600eb81c120fec4eca25
SHA1 62cbf88f4833266aa1c2114065d2c3f74d9f3197
SHA256 d08038f488b254ec1a8e29e6641374719a52e5f75026df1b886defb0121a7813
SHA512 485de1cccd7df8b55a789ed09291b83bbe4c83cc401137d5f250ddd2a38afb2ccff8d85a77ca44aa085d01ad7a3fa7503125dbdd658ca9a431d81dd50833263b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2801208b2204cf12f97d670f80f021b3
SHA1 9ece2bbc67720ad502d0e78e9769f97e24151bdd
SHA256 a4df0d386230cedb5d7a8690ffe2c0b6dc9201cffc922edd675bafcaca37d69a
SHA512 e8e3483778ea042cc230091fb1df82b0f3bc1667233829b9e433784922f163f5596d5142abb60de876183c911e9d13fbc8730546ea01ab7acaca810c6c5caf18

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1dfb5b8fe78e3461c326b24d39751447
SHA1 942a31c1bdc173a4dc421eabff82f69c68c0f31d
SHA256 79e037805707cd4498ce3185c5ccf346dd08250c321f82dc26c693bdf428d54b
SHA512 7b6c24dba116c31742edc9c20164bc860169bf6e6b519bb696b4d5284735472842e6054bba7c2d88ccc74119cdc9a625c13861df1da71ca7a1a36661b792f034

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2e41102f2b98bcea69c8a764541d1b08
SHA1 52a0f6b0469808db388646c0db2a910c5699782c
SHA256 eeb401fca660aa898e5767fb24ae847d7591a6f3bf6249baccb65b48a6c6a946
SHA512 2f70d78a4d6a272f598c02ed1bff3de3da9c8a63a2a996fd5a8382ffc33f390aed8948c1498018102485f6d0129606eebc5e52162fbef619196c524dbb1eeddf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7af1f1c2c7dd85559ee992807abdab7b
SHA1 3ff8c5ab2145f16fe99980b77be17af99aaa2127
SHA256 b5b2c4d2a311b78d8f864eb71df228644df4eac33aee9b312e2c4fa8023c05dc
SHA512 feb45d9c251bc1fe778454191d623688d3fbbdb39a37aef7a57752e1516f4d14f97abd2d2b45e443431d23ee0c3c040e20176b09d2febae0126db476c02bddd9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 172df19fa18f2a54718c36c44faf722a
SHA1 6711c5ef41234011d6509f46608df16b15dd36e7
SHA256 f5a0240530e06937aa1f86a054ca942afa67f279996a667289c0f8fb060e2a87
SHA512 80640fb3dd8b7e79ac38e7c83e77790d2f12ab925f3f518afb0a12b5f31b0b34c02f0faed3fdbbeb22c970d6adf46487407bc8207898c2453425084fbc27e86f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d6e0e8bf0a4ac699649454034b2fc53b
SHA1 eda1739c332e23183510003cc3f2f806f3938ea1
SHA256 e1259bd6da31d14fa37257f2d3b7a252b85e8d3767e3a92f25634ba48d316374
SHA512 dc8aed63af9088e991f24ab6361eb126a0d4963a52d08da0493ba98af111b48583177f63cf13bfc10f2b401db8d68b5e1edd8e0aa87ad31e497f0e70c7a7f8fa