Malware Analysis Report

2025-01-22 08:55

Sample ID 241027-q34btsygjn
Target http://baidu-antivirus.softonic.com.br
Tags
discovery motw persistence phishing spyware stealer
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file http://baidu-antivirus.softonic.com.br was found to be: Likely malicious.

Malicious Activity Summary

discovery motw persistence phishing spyware stealer

Downloads MZ/PE file

Loads dropped DLL

Executes dropped EXE

Reads local data of messenger clients

Checks computer location settings

Adds Run key to start application

Mark of the Web detected: This indicates that the page was originally saved or cloned.

Drops file in Windows directory

Drops file in Program Files directory

Enumerates physical storage devices

System Location Discovery: System Language Discovery

Browser Information Discovery

Uses Volume Shadow Copy service COM API

Uses Task Scheduler COM API

Suspicious use of WriteProcessMemory

NTFS ADS

Modifies registry key

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Modifies registry class

Uses Volume Shadow Copy WMI provider

Suspicious use of SendNotifyMessage

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-10-27 13:48

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-10-27 13:48

Reported

2024-10-27 13:53

Platform

win10ltsc2021-20241023-en

Max time kernel

300s

Max time network

301s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://baidu-antivirus.softonic.com.br

Signatures

Downloads MZ/PE file

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Discord\Update.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A

Reads local data of messenger clients

spyware stealer

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Discord = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\Update.exe\" --processStart Discord.exe" C:\Windows\System32\reg.exe N/A

Mark of the Web detected: This indicates that the page was originally saved or cloned.

phishing motw
Description Indicator Process Target
N/A https://storage.googleapis.com/script.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html N/A N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\0f6f9f38-e171-4bb4-80e5-e72e87dcb9e2.tmp C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe N/A
File opened for modification C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20241027134831.pma C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6160_521673719\_platform_specific\win_x64\widevinecdm.dll.sig C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6160_521673719\_platform_specific\win_x64\widevinecdm.dll C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6160_521673719\manifest.json C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6160_521673719\_metadata\verified_contents.json C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
File opened for modification C:\Windows\SystemTemp C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6160_566499802\Google.Widevine.CDM.dll C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6160_566499802\manifest.json C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6160_566499802\manifest.fingerprint C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6160_521673719\LICENSE C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6160_521673719\manifest.fingerprint C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
File created C:\Windows\SystemTemp\chrome_url_fetcher_6160_436333734\oimompecagnajdejgnnjijobebaeigek_4.10.2830.0_win64_dldxogwi36sxwpr57ta4lg57z4.crx3 C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
File created C:\Windows\SystemTemp\chrome_url_fetcher_6160_947776887\neifaoindggfcjicffkgpmnlppeffabd_1.0.2738.0_win64_kj4dp5kifwxbdodqls7e5nzhtm.crx3 C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
File created C:\Windows\SystemTemp\chrome_Unpacker_BeginUnzipping6160_566499802\_metadata\verified_contents.json C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\BavPro_Setup_Mini_C1.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\BavPro_Setup_Mini_C1 (1).exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\DiscordSetup.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Discord\Update.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Local\Discord\Update.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord\shell\open\command C:\Windows\System32\reg.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9168\\Discord.exe\" --url -- \"%1\"" C:\Windows\System32\reg.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord C:\Windows\System32\reg.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9168\\Discord.exe\",-1" C:\Windows\System32\reg.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord C:\Windows\System32\reg.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord\DefaultIcon C:\Windows\System32\reg.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord\shell C:\Windows\System32\reg.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord C:\Windows\System32\reg.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord C:\Windows\System32\reg.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-4074627901-37362009-3519777259-1000\{E3BF6468-B2B2-4C2E-84AC-F377608DCF69} C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord\ = "URL:Discord Protocol" C:\Windows\System32\reg.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord\URL Protocol C:\Windows\System32\reg.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord C:\Windows\System32\reg.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord\DefaultIcon C:\Windows\System32\reg.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Local Settings C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord\ = "URL:Discord Protocol" C:\Windows\System32\reg.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord\URL Protocol C:\Windows\System32\reg.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord\DefaultIcon\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9168\\Discord.exe\",-1" C:\Windows\System32\reg.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord\shell\open\command C:\Windows\System32\reg.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Discord\\app-1.0.9168\\Discord.exe\" --url -- \"%1\"" C:\Windows\System32\reg.exe N/A
Key created \REGISTRY\USER\S-1-5-21-4074627901-37362009-3519777259-1000_Classes\Discord\shell\open C:\Windows\System32\reg.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 898154.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 25896.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 654399.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 887046.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
Token: SeShutdownPrivilege N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe N/A
Token: 33 N/A C:\Windows\system32\AUDIODG.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\AUDIODG.EXE N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1624 wrote to memory of 1812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 1812 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3644 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3348 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 3348 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1624 wrote to memory of 4808 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Uses Task Scheduler COM API

persistence

Uses Volume Shadow Copy WMI provider

ransomware

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --start-maximized --single-argument http://baidu-antivirus.softonic.com.br

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ffe4e5746f8,0x7ffe4e574708,0x7ffe4e574718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2908 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3392 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4836 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3720 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6164 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x248,0x24c,0x250,0x224,0x254,0x7ff77c2d5460,0x7ff77c2d5470,0x7ff77c2d5480

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6164 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6240 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7068 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6908 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7172 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6348 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6628 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8112 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8380 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8708 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8136 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8480 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8552 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8004 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7952 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6540 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7556 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8384 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9308 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9516 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4176 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9476 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7708 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8776 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7908 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9432 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9176 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7544 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6468 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7908 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2864 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8060 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9124 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6520 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7824 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9860 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4848 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10020 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9712 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9728 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8484 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3524 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=8588 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9288 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8672 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8460 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8852 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\BavPro_Setup_Mini_C1.exe

"C:\Users\Admin\Downloads\BavPro_Setup_Mini_C1.exe"

C:\Windows\system32\pcaui.exe

"C:\Windows\system32\pcaui.exe" -g {11111111-1111-1111-1111-111111111111} -x {ba9c1be0-c71e-431b-9975-b3c1116ad8a1} -a "Baidu Antivirus" -v "Baidu, Inc." -s "This app can't run because it causes security or performance issues on Windows. A new version may be available. Check with your software provider for an updated version that runs on this version of Windows." -n 2 -f 866301 -k 0 -e "C:\Users\Admin\Downloads\BavPro_Setup_Mini_C1.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10112 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8688 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6920 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8312 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6648 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8356 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8120 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10116 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8900 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8624 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1964 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7092 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6036 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8832 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=112 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10660 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=113 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10452 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=114 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10928 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=115 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11148 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=116 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=117 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10820 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=118 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=119 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11236 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=120 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11436 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=121 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11724 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=122 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5904 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=123 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10960 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=124 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8144 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=125 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11208 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=126 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11064 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=127 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=128 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=129 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=130 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11160 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=131 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7504 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=10660 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=9940 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=135 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12116 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=11216 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11040 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=11508 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9496 /prefetch:8

C:\Users\Admin\Downloads\BavPro_Setup_Mini_C1 (1).exe

"C:\Users\Admin\Downloads\BavPro_Setup_Mini_C1 (1).exe"

C:\Windows\system32\pcaui.exe

"C:\Windows\system32\pcaui.exe" -g {11111111-1111-1111-1111-111111111111} -x {ba9c1be0-c71e-431b-9975-b3c1116ad8a1} -a "Baidu Antivirus" -v "Baidu, Inc." -s "This app can't run because it causes security or performance issues on Windows. A new version may be available. Check with your software provider for an updated version that runs on this version of Windows." -n 2 -f 866301 -k 0 -e "C:\Users\Admin\Downloads\BavPro_Setup_Mini_C1 (1).exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.4355 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=11464 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=141 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6376 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=142 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12104 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=143 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11084 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=144 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11528 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=145 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9144 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=146 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11192 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=147 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8032 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=148 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3136 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=149 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=150 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11244 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=151 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11672 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=152 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=153 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10912 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=154 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10736 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=155 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11476 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=156 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12240 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=157 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1876 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=158 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=159 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=160 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12276 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=161 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=162 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2888 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=164 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10464 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=10880 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=10348 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=167 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10656 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=168 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10696 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=169 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11008 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=170 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11536 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=172 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9184 /prefetch:1

C:\Users\Admin\Downloads\DiscordSetup.exe

"C:\Users\Admin\Downloads\DiscordSetup.exe"

C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe

"C:\Users\Admin\AppData\Local\SquirrelTemp\Update.exe" --install .

C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe

"C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe" --squirrel-install 1.0.9168

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x32c 0x2f8

C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe

C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:4 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9168 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=32.0.0 --initial-client-data=0x548,0x54c,0x550,0x53c,0x554,0x7ff6f961a538,0x7ff6f961a544,0x7ff6f961a550

C:\Users\Admin\AppData\Local\Discord\Update.exe

C:\Users\Admin\AppData\Local\Discord\Update.exe --createShortcut Discord.exe --setupIcon C:\Users\Admin\AppData\Local\Discord\app.ico

C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe

"C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=2028,i,6875071056105618917,7821560741500276976,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2020 /prefetch:2

C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe

"C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=sentry-ipc --field-trial-handle=2312,i,6875071056105618917,7821560741500276976,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2164 /prefetch:3

C:\Windows\System32\reg.exe

C:\Windows\System32\reg.exe add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Discord /d "\"C:\Users\Admin\AppData\Local\Discord\Update.exe\" --processStart Discord.exe" /f

C:\Windows\System32\reg.exe

C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f

C:\Windows\System32\reg.exe

C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f

C:\Windows\System32\reg.exe

C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe\",-1" /f

C:\Windows\System32\reg.exe

C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe\" --url -- \"%1\"" /f

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=173 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12116 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,7865623742545679055,4700088708504074365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=174 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=11960 /prefetch:1

C:\Users\Admin\AppData\Local\Discord\Update.exe

"C:\Users\Admin\AppData\Local\Discord\Update.exe" --processStart Discord.exe

C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe

"C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe"

C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe

C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe --type=crashpad-handler --user-data-dir=C:\Users\Admin\AppData\Roaming\discord /prefetch:4 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Admin\AppData\Roaming\discord\Crashpad --url=https://f.a.k/e --annotation=_productName=discord --annotation=_version=1.0.9168 --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=32.0.0 --initial-client-data=0x540,0x544,0x548,0x534,0x54c,0x7ff6f961a538,0x7ff6f961a544,0x7ff6f961a550

C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe

"C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --gpu-preferences=UAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAA --field-trial-handle=1976,i,7201536665329265598,8658634439251099392,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=1968 /prefetch:2

C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe

"C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip,sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip,sentry-ipc --field-trial-handle=2312,i,7201536665329265598,8658634439251099392,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2308 /prefetch:3

C:\Windows\System32\reg.exe

C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /ve /d "URL:Discord Protocol" /f

C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe

"C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip,sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip,sentry-ipc --app-user-model-id=com.squirrel.Discord.Discord --app-path="C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\resources\app.asar" --no-sandbox --no-zygote --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --video-capture-use-gpu-memory-buffer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --field-trial-handle=2936,i,7201536665329265598,8658634439251099392,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=2932 /prefetch:1

C:\Windows\System32\reg.exe

C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord /v "URL Protocol" /f

C:\Windows\System32\reg.exe

C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\DefaultIcon /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe\",-1" /f

C:\Windows\System32\reg.exe

C:\Windows\System32\reg.exe add HKCU\Software\Classes\Discord\shell\open\command /ve /d "\"C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe\" --url -- \"%1\"" /f

C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe

"C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip,sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip,sentry-ipc --field-trial-handle=4280,i,7201536665329265598,8658634439251099392,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4244 /prefetch:8

C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe

"C:\Users\Admin\AppData\Local\Discord\app-1.0.9168\Discord.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --video-capture-use-gpu-memory-buffer --user-data-dir="C:\Users\Admin\AppData\Roaming\discord" --secure-schemes=disclip,sentry-ipc --bypasscsp-schemes=sentry-ipc --cors-schemes=sentry-ipc --fetch-schemes=disclip,sentry-ipc --field-trial-handle=3844,i,7201536665329265598,8658634439251099392,262144 --disable-features=AllowAggressiveThrottlingWithWebSocket,HardwareMediaKeyHandling,IntensiveWakeUpThrottling,MediaSessionService,SpareRendererForSitePerProcess,UseEcoQoSForBackgroundProcess,WinDelaySpellcheckServiceInit,WinRetrieveSuggestionsOnlyOnDemand --variations-seed-version --mojo-platform-channel-handle=4296 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 baidu-antivirus.softonic.com.br udp
US 151.101.193.91:80 baidu-antivirus.softonic.com.br tcp
US 151.101.193.91:80 baidu-antivirus.softonic.com.br tcp
US 151.101.193.91:443 baidu-antivirus.softonic.com.br tcp
US 8.8.8.8:53 73.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 91.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 sc.sftcdn.net udp
US 8.8.8.8:53 images.sftcdn.net udp
US 8.8.8.8:53 rv-assets.softonic.com.br udp
US 8.8.8.8:53 sdk.privacy-center.org udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 151.101.193.91:443 rv-assets.softonic.com.br tcp
US 151.101.193.91:443 rv-assets.softonic.com.br tcp
US 151.101.193.91:443 rv-assets.softonic.com.br tcp
US 8.8.8.8:53 www.google.com udp
US 151.101.193.91:443 rv-assets.softonic.com.br tcp
US 151.101.193.91:443 rv-assets.softonic.com.br tcp
US 151.101.193.91:443 rv-assets.softonic.com.br tcp
US 151.101.65.91:443 rv-assets.softonic.com.br tcp
US 151.101.65.91:443 rv-assets.softonic.com.br tcp
US 8.8.8.8:53 www.clarity.ms udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 151.101.129.91:443 rv-assets.softonic.com.br tcp
US 151.101.129.91:443 rv-assets.softonic.com.br tcp
BE 18.239.208.120:443 sdk.privacy-center.org tcp
US 8.8.8.8:53 nav.smartscreen.microsoft.com udp
GB 172.217.169.36:443 www.google.com tcp
US 13.107.246.64:443 www.clarity.ms tcp
GB 142.250.187.226:443 securepubads.g.doubleclick.net tcp
GB 142.250.187.226:443 securepubads.g.doubleclick.net tcp
NL 18.239.70.203:443 c.amazon-adsystem.com tcp
GB 172.165.61.93:443 nav.smartscreen.microsoft.com tcp
GB 172.165.61.93:443 nav.smartscreen.microsoft.com tcp
GB 172.165.61.93:443 nav.smartscreen.microsoft.com tcp
US 8.8.8.8:53 data-edge.smartscreen.microsoft.com udp
US 8.8.8.8:53 syndicatedsearch.goog udp
GB 172.165.61.93:443 data-edge.smartscreen.microsoft.com tcp
US 151.101.193.91:443 rv-assets.softonic.com.br udp
GB 172.165.61.93:443 data-edge.smartscreen.microsoft.com tcp
GB 172.165.61.93:443 data-edge.smartscreen.microsoft.com tcp
GB 216.58.201.110:443 syndicatedsearch.goog tcp
US 151.101.193.91:443 rv-assets.softonic.com.br udp
GB 142.250.187.226:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 91.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 91.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 232.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 36.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 120.208.239.18.in-addr.arpa udp
US 8.8.8.8:53 226.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 203.70.239.18.in-addr.arpa udp
US 8.8.8.8:53 93.61.165.172.in-addr.arpa udp
US 8.8.8.8:53 113.39.65.18.in-addr.arpa udp
US 8.8.8.8:53 110.201.58.216.in-addr.arpa udp
NL 18.239.70.203:443 c.amazon-adsystem.com tcp
US 151.101.193.91:443 rv-assets.softonic.com.br udp
US 8.8.8.8:53 btloader.com udp
US 104.22.74.216:443 btloader.com tcp
US 8.8.8.8:53 b.clarity.ms udp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 storage.googleapis.com udp
US 8.8.8.8:53 di-images.sftcdn.net udp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
GB 142.250.200.59:443 storage.googleapis.com tcp
NL 18.238.243.129:443 config.aps.amazon-adsystem.com tcp
US 8.8.8.8:53 ad-delivery.net udp
US 104.26.3.70:443 ad-delivery.net tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 172.67.38.106:443 cdn.id5-sync.com tcp
US 8.8.8.8:53 216.74.22.104.in-addr.arpa udp
US 8.8.8.8:53 cdn.btmessage.com udp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 59.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 168.129.153.4.in-addr.arpa udp
US 8.8.8.8:53 129.243.238.18.in-addr.arpa udp
US 8.8.8.8:53 70.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 230.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 106.38.67.172.in-addr.arpa udp
US 130.211.23.194:443 api.btloader.com tcp
US 130.211.23.194:443 api.btloader.com tcp
US 104.26.6.141:443 cdn.btmessage.com tcp
US 8.8.8.8:53 api.btmessage.com udp
US 8.8.8.8:53 c.clarity.ms udp
US 8.8.8.8:53 notix.io udp
US 151.101.65.91:443 di-images.sftcdn.net udp
NL 139.45.197.253:443 notix.io tcp
IE 13.74.129.1:443 c.clarity.ms tcp
US 8.8.8.8:53 c.bing.com udp
US 204.79.197.237:443 c.bing.com tcp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 141.6.26.104.in-addr.arpa udp
US 8.8.8.8:53 1.129.74.13.in-addr.arpa udp
US 8.8.8.8:53 253.197.45.139.in-addr.arpa udp
US 104.26.3.70:443 ad-delivery.net tcp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 104.26.6.141:443 api.btmessage.com tcp
US 8.8.8.8:53 api.privacy-center.org udp
BE 18.239.208.20:443 api.privacy-center.org tcp
US 8.8.8.8:53 d8667db4cfc4b516f84fe1cea89c9de9.safeframe.googlesyndication.com udp
GB 216.58.201.110:443 syndicatedsearch.goog udp
GB 172.217.169.36:443 www.google.com udp
GB 142.250.200.1:443 d8667db4cfc4b516f84fe1cea89c9de9.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 id5-sync.com udp
US 8.8.8.8:53 prebid.media.net udp
US 8.8.8.8:53 ad.360yield.com udp
US 8.8.8.8:53 brightcombid.marphezis.com udp
US 8.8.8.8:53 htlb.casalemedia.com udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 ap.lijit.com udp
US 8.8.8.8:53 shb.richaudience.com udp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 8.8.8.8:53 partner.googleadservices.com udp
US 8.8.8.8:53 id.crwdcntrl.net udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
NL 18.239.68.199:443 aax.amazon-adsystem.com tcp
US 34.120.63.153:443 prebid.media.net tcp
FR 185.255.84.151:443 hb-api.omnitagjs.com tcp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
IE 99.81.138.114:443 ap.lijit.com tcp
IE 63.33.127.155:443 ad.360yield.com tcp
US 104.18.36.155:443 htlb.casalemedia.com tcp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
DE 136.243.173.152:443 shb.richaudience.com tcp
DE 136.243.173.152:443 shb.richaudience.com tcp
DE 136.243.173.152:443 shb.richaudience.com tcp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
NL 18.239.18.118:443 tags.crwdcntrl.net tcp
GB 142.250.187.194:443 partner.googleadservices.com tcp
IE 54.194.72.83:443 id.crwdcntrl.net tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net tcp
US 172.64.152.89:443 cdn-ima.33across.com tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
US 8.8.8.8:53 www.google.co.uk udp
US 216.239.34.36:443 region1.analytics.google.com tcp
GB 74.125.133.155:443 stats.g.doubleclick.net tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
GB 142.250.200.3:443 www.google.co.uk tcp
GB 142.250.200.3:443 www.google.co.uk tcp
GB 142.250.200.3:443 www.google.co.uk tcp
GB 216.58.204.65:443 tpc.googlesyndication.com tcp
US 8.8.8.8:53 ampcid.google.com udp
US 8.8.8.8:53 cacerts.rapidssl.com udp
US 8.8.8.8:53 crt.rootg2.amazontrust.com udp
US 8.8.8.8:53 lexicon.33across.com udp
GB 216.58.204.78:443 ampcid.google.com tcp
SE 192.229.221.95:80 cacerts.rapidssl.com tcp
NL 18.239.36.29:80 crt.rootg2.amazontrust.com tcp
NL 18.239.36.29:80 crt.rootg2.amazontrust.com tcp
NL 18.239.36.29:80 crt.rootg2.amazontrust.com tcp
US 35.244.193.51:443 lexicon.33across.com tcp
GB 216.58.204.65:443 tpc.googlesyndication.com udp
GB 172.217.169.36:443 www.google.com udp
GB 74.125.133.155:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 20.208.239.18.in-addr.arpa udp
US 8.8.8.8:53 199.68.239.18.in-addr.arpa udp
US 8.8.8.8:53 153.63.120.34.in-addr.arpa udp
US 8.8.8.8:53 155.36.18.104.in-addr.arpa udp
US 8.8.8.8:53 77.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 151.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 2.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 175.203.166.188.in-addr.arpa udp
US 8.8.8.8:53 194.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 178.36.239.216.in-addr.arpa udp
US 8.8.8.8:53 89.152.64.172.in-addr.arpa udp
US 8.8.8.8:53 118.18.239.18.in-addr.arpa udp
US 8.8.8.8:53 152.173.243.136.in-addr.arpa udp
US 8.8.8.8:53 114.138.81.99.in-addr.arpa udp
US 8.8.8.8:53 155.127.33.63.in-addr.arpa udp
US 8.8.8.8:53 116.138.19.162.in-addr.arpa udp
US 8.8.8.8:53 83.72.194.54.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 155.133.125.74.in-addr.arpa udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 65.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 78.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 29.36.239.18.in-addr.arpa udp
US 8.8.8.8:53 51.193.244.35.in-addr.arpa udp
US 8.8.8.8:53 1.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 226.16.217.172.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 34.120.63.153:443 prebid.media.net udp
US 8.8.8.8:53 a.disquscdn.com udp
US 199.232.198.49:443 a.disquscdn.com tcp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
IE 67.220.226.234:443 aax-eu.amazon-adsystem.com tcp
US 8.8.8.8:53 49.198.232.199.in-addr.arpa udp
US 8.8.8.8:53 234.226.220.67.in-addr.arpa udp
US 8.8.8.8:53 cdn.ampproject.org udp
GB 172.217.169.33:443 cdn.ampproject.org tcp
GB 172.217.169.33:443 cdn.ampproject.org tcp
GB 172.217.169.33:443 cdn.ampproject.org tcp
GB 172.217.169.33:443 cdn.ampproject.org tcp
GB 172.217.169.33:443 cdn.ampproject.org tcp
GB 216.58.204.65:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 226.21.18.104.in-addr.arpa udp
US 8.8.8.8:53 33.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 227.187.250.142.in-addr.arpa udp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
GB 142.250.187.226:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 js-sec.indexww.com udp
US 104.18.38.76:443 js-sec.indexww.com tcp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 sync.richaudience.com udp
FR 185.255.84.153:443 visitor.omnitagjs.com tcp
GB 184.26.56.245:443 ads.pubmatic.com tcp
DE 148.251.40.117:443 sync.richaudience.com tcp
GB 184.25.192.27:443 contextual.media.net tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
US 54.85.242.214:443 cs-server-s2s.yellowblue.io tcp
US 8.8.8.8:53 onetag-sys.com udp
DE 51.89.9.251:443 onetag-sys.com tcp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 67.202.105.21:443 ssc-cms.33across.com tcp
US 8.8.8.8:53 player.aniview.com udp
US 8.8.8.8:53 ssbsync.smartadserver.com udp
FR 51.178.195.212:443 ssbsync.smartadserver.com tcp
GB 2.18.190.83:443 player.aniview.com tcp
US 8.8.8.8:53 76.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 245.56.26.184.in-addr.arpa udp
US 8.8.8.8:53 153.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 27.192.25.184.in-addr.arpa udp
US 8.8.8.8:53 117.40.251.148.in-addr.arpa udp
US 8.8.8.8:53 214.242.85.54.in-addr.arpa udp
US 8.8.8.8:53 251.9.89.51.in-addr.arpa udp
US 8.8.8.8:53 secure.adnxs.com udp
DE 37.252.171.21:443 secure.adnxs.com tcp
US 8.8.8.8:53 cdn.indexww.com udp
US 8.8.8.8:53 dis.criteo.com udp
US 8.8.8.8:53 x.bidswitch.net udp
US 8.8.8.8:53 bc-sync.com udp
US 216.239.34.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 api-2-0.spot.im udp
US 8.8.8.8:53 sync.1rx.io udp
US 8.8.8.8:53 match.adsrvr.org udp
US 8.8.8.8:53 csync.loopme.me udp
US 8.8.8.8:53 image8.pubmatic.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
NL 178.250.1.9:443 dis.criteo.com tcp
US 8.2.108.175:443 bc-sync.com tcp
NL 35.214.136.108:443 x.bidswitch.net tcp
US 44.196.142.215:443 api-2-0.spot.im tcp
US 52.223.40.198:443 match.adsrvr.org tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 35.171.227.183:443 sync.srv.stackadapt.com tcp
NL 35.214.192.66:443 csync.loopme.me tcp
NL 198.47.127.18:443 image8.pubmatic.com tcp
US 8.8.8.8:53 sync.aniview.com udp
US 172.240.45.96:443 sync.aniview.com tcp
US 8.8.8.8:53 jadserve.postrelease.com udp
US 8.8.8.8:53 sync-service.net udp
US 8.2.108.175:443 bc-sync.com tcp
US 204.62.12.209:443 sync-service.net tcp
NL 35.214.192.66:443 csync.loopme.me tcp
IE 34.246.145.41:443 jadserve.postrelease.com tcp
US 8.8.8.8:53 c1.adform.net udp
US 8.8.8.8:53 bh.contextweb.com udp
DK 37.157.4.29:443 c1.adform.net tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
NL 35.214.136.108:443 x.bidswitch.net udp
US 8.8.8.8:53 bttrack.com udp
US 8.8.8.8:53 id.rlcdn.com udp
US 192.132.33.69:443 bttrack.com tcp
US 204.62.12.209:443 sync-service.net tcp
US 35.244.174.68:443 id.rlcdn.com tcp
US 8.8.8.8:53 rtb-csync.smartadserver.com udp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 21.105.202.67.in-addr.arpa udp
US 8.8.8.8:53 83.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 212.195.178.51.in-addr.arpa udp
US 8.8.8.8:53 21.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 9.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 108.136.214.35.in-addr.arpa udp
US 8.8.8.8:53 117.174.228.46.in-addr.arpa udp
US 8.8.8.8:53 198.40.223.52.in-addr.arpa udp
US 8.8.8.8:53 18.127.47.198.in-addr.arpa udp
US 8.8.8.8:53 215.142.196.44.in-addr.arpa udp
US 8.8.8.8:53 183.227.171.35.in-addr.arpa udp
US 8.8.8.8:53 96.45.240.172.in-addr.arpa udp
US 8.8.8.8:53 41.145.246.34.in-addr.arpa udp
US 8.8.8.8:53 131.169.93.208.in-addr.arpa udp
US 8.8.8.8:53 29.4.157.37.in-addr.arpa udp
US 192.132.33.69:443 bttrack.com tcp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 pixel-sync.sitescout.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 192.132.33.69:443 bttrack.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com tcp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
US 8.8.8.8:53 68.174.244.35.in-addr.arpa udp
US 8.8.8.8:53 137.110.134.91.in-addr.arpa udp
US 8.8.8.8:53 69.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 150.216.36.34.in-addr.arpa udp
GB 23.214.129.249:443 secure-assets.rubiconproject.com tcp
US 8.8.8.8:53 eus.rubiconproject.com udp
GB 184.25.193.73:443 eus.rubiconproject.com tcp
US 8.8.8.8:53 token.rubiconproject.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 8.8.8.8:53 249.129.214.23.in-addr.arpa udp
US 8.8.8.8:53 73.193.25.184.in-addr.arpa udp
US 8.8.8.8:53 148.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 0069e1d8dc35af72508be88c68b6fcf3.safeframe.googlesyndication.com udp
GB 142.250.200.3:443 www.google.co.uk udp
US 130.211.23.194:443 api.btloader.com udp
NL 139.45.197.253:443 notix.io tcp
US 8.8.8.8:53 209.12.62.204.in-addr.arpa udp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
DE 51.89.9.251:443 onetag-sys.com udp
NL 46.228.174.117:443 sync.1rx.io tcp
US 8.2.108.175:443 bc-sync.com tcp
NL 35.214.192.66:443 csync.loopme.me tcp
US 35.171.227.183:443 sync.srv.stackadapt.com tcp
US 35.244.174.68:443 id.rlcdn.com udp
US 8.8.8.8:53 match.prod.bidr.io udp
IE 52.208.224.133:443 match.prod.bidr.io tcp
US 8.8.8.8:53 match.sharethrough.com udp
US 8.8.8.8:53 cm.g.doubleclick.net udp
DE 18.197.30.174:443 match.sharethrough.com tcp
US 8.2.108.175:443 bc-sync.com tcp
US 8.8.8.8:53 133.224.208.52.in-addr.arpa udp
US 8.8.8.8:53 174.30.197.18.in-addr.arpa udp
GB 216.58.204.66:443 cm.g.doubleclick.net tcp
GB 216.58.204.66:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 www.softonic.com.br udp
US 8.8.8.8:53 66.204.58.216.in-addr.arpa udp
NL 18.239.68.199:443 aax.amazon-adsystem.com tcp
US 8.8.8.8:53 5c3b9e7047a4cf46d35da03eba2b6438.safeframe.googlesyndication.com udp
NL 139.45.197.253:443 notix.io tcp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
US 67.202.105.21:443 ssc-cms.33across.com tcp
DE 37.252.171.21:443 secure.adnxs.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 8.2.108.175:443 bc-sync.com tcp
NL 35.214.192.66:443 csync.loopme.me tcp
US 35.171.227.183:443 sync.srv.stackadapt.com tcp
US 204.62.12.209:443 sync-service.net tcp
DE 18.197.30.174:443 match.sharethrough.com tcp
IE 52.208.224.133:443 match.prod.bidr.io tcp
DE 18.197.30.174:443 match.sharethrough.com tcp
US 8.2.108.175:443 bc-sync.com tcp
US 8.8.8.8:53 212.20.149.52.in-addr.arpa udp
US 8.8.8.8:53 643c6e32d8fa07c6fb17575439b1ff99.safeframe.googlesyndication.com udp
US 8.8.8.8:53 js.adscale.de udp
NL 18.239.36.46:443 js.adscale.de tcp
US 8.8.8.8:53 articles-img.sftcdn.net udp
US 8.8.8.8:53 ih.adscale.de udp
US 8.8.8.8:53 articles-images.sftcdn.net udp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
US 35.244.193.51:443 lexicon.33across.com udp
DE 3.70.91.227:443 ih.adscale.de tcp
US 8.8.8.8:53 push-sdk.com udp
DE 157.90.33.72:443 push-sdk.com tcp
US 8.8.8.8:53 46.36.239.18.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 227.91.70.3.in-addr.arpa udp
US 8.8.8.8:53 uidsync.net udp
DE 157.90.33.122:443 uidsync.net tcp
DE 157.90.33.122:443 uidsync.net tcp
NL 139.45.197.253:443 notix.io tcp
US 8.8.8.8:53 72.33.90.157.in-addr.arpa udp
US 8.8.8.8:53 122.33.90.157.in-addr.arpa udp
NL 35.214.132.64:443 csync.loopme.me tcp
NL 35.214.132.64:443 csync.loopme.me tcp
US 8.8.8.8:53 64.132.214.35.in-addr.arpa udp
US 8.8.8.8:53 gsf-fl.softonic.com udp
US 151.101.65.91:443 gsf-fl.softonic.com tcp
US 8.8.8.8:53 ce.lijit.com udp
IE 34.247.203.83:443 ce.lijit.com tcp
US 8.8.8.8:53 83.203.247.34.in-addr.arpa udp
NL 46.228.174.117:443 sync.1rx.io tcp
US 8.2.108.175:443 bc-sync.com tcp
NL 35.214.192.66:443 csync.loopme.me tcp
US 35.171.227.183:443 sync.srv.stackadapt.com tcp
US 204.62.12.209:443 sync-service.net tcp
US 8.8.8.8:53 sf.symcd.com udp
DE 152.199.19.74:80 sf.symcd.com tcp
US 8.2.108.175:443 bc-sync.com tcp
US 8.8.8.8:53 s.ad.smaato.net udp
US 8.8.8.8:53 sf.symcb.com udp
NL 18.239.94.92:443 s.ad.smaato.net tcp
US 8.8.8.8:53 s.amazon-adsystem.com udp
SE 192.229.221.95:80 sf.symcb.com tcp
US 98.82.157.231:443 s.amazon-adsystem.com tcp
US 8.8.8.8:53 74.19.199.152.in-addr.arpa udp
US 8.8.8.8:53 92.94.239.18.in-addr.arpa udp
US 8.8.8.8:53 231.157.82.98.in-addr.arpa udp
NL 35.214.132.64:443 csync.loopme.me tcp
US 8.8.8.8:53 checkappexec.microsoft.com udp
GB 51.140.244.186:443 checkappexec.microsoft.com tcp
US 8.8.8.8:53 186.244.140.51.in-addr.arpa udp
NL 35.214.132.64:443 csync.loopme.me tcp
NL 35.214.132.64:443 csync.loopme.me tcp
GB 2.18.27.82:443 www.bing.com tcp
US 8.8.8.8:53 82.27.18.2.in-addr.arpa udp
US 8.8.8.8:53 b.clarity.ms udp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 2.18.27.76:443 r.bing.com tcp
GB 2.18.27.76:443 r.bing.com tcp
GB 2.18.27.82:443 r.bing.com tcp
GB 2.18.27.82:443 r.bing.com tcp
US 8.8.8.8:53 76.27.18.2.in-addr.arpa udp
US 8.8.8.8:53 login.microsoftonline.com udp
NL 40.126.32.76:443 login.microsoftonline.com tcp
US 8.8.8.8:53 76.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 73.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 baidu-antivirus.en.softonic.com udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.27.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 10.27.171.150.in-addr.arpa udp
US 8.8.8.8:53 www.techspot.com udp
US 104.22.78.92:443 www.techspot.com tcp
US 104.22.78.92:443 www.techspot.com tcp
US 8.8.8.8:53 cmp.quantcast.com udp
NL 18.239.83.22:443 cmp.quantcast.com tcp
US 8.8.8.8:53 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app udp
US 8.8.8.8:53 freyr.futurecdn.net udp
US 8.8.8.8:53 bordeaux.futurecdn.net udp
US 104.18.35.13:443 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app tcp
US 8.8.8.8:53 cmp.inmobi.com udp
US 8.8.8.8:53 unpkg.com udp
US 8.8.8.8:53 static.cloudflareinsights.com udp
NL 18.239.36.2:443 cmp.inmobi.com tcp
NL 18.239.36.24:443 bordeaux.futurecdn.net tcp
NL 18.239.36.41:443 freyr.futurecdn.net tcp
US 8.8.8.8:53 static.chartbeat.com udp
US 104.17.245.203:443 unpkg.com tcp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
NL 18.239.19.192:443 static.chartbeat.com tcp
US 8.8.8.8:53 eventsproxy.gargantuan.futureplc.com udp
IE 63.33.134.73:443 eventsproxy.gargantuan.futureplc.com tcp
US 8.8.8.8:53 ping.chartbeat.net udp
US 8.8.8.8:53 92.78.22.104.in-addr.arpa udp
US 8.8.8.8:53 22.83.239.18.in-addr.arpa udp
US 8.8.8.8:53 13.35.18.104.in-addr.arpa udp
US 8.8.8.8:53 2.36.239.18.in-addr.arpa udp
US 8.8.8.8:53 24.36.239.18.in-addr.arpa udp
US 8.8.8.8:53 203.245.17.104.in-addr.arpa udp
US 8.8.8.8:53 41.36.239.18.in-addr.arpa udp
US 8.8.8.8:53 192.19.239.18.in-addr.arpa udp
US 8.8.8.8:53 73.79.16.104.in-addr.arpa udp
US 8.8.8.8:53 www3.doubleclick.net udp
US 52.206.104.85:443 ping.chartbeat.net tcp
GB 216.58.213.14:443 www3.doubleclick.net tcp
US 8.8.8.8:53 marketingplatform.google.com udp
GB 142.250.187.238:443 marketingplatform.google.com tcp
US 8.8.8.8:53 api.permutive.com udp
US 34.107.254.252:443 api.permutive.com tcp
US 8.8.8.8:53 api.cmp.inmobi.com udp
US 8.8.8.8:53 sommelier.futurehybrid.tech udp
US 8.8.8.8:53 ads.servebom.com udp
DE 3.72.126.197:443 api.cmp.inmobi.com tcp
DE 3.72.126.197:443 api.cmp.inmobi.com tcp
IE 54.76.180.9:443 sommelier.futurehybrid.tech tcp
NL 18.239.94.11:443 ads.servebom.com tcp
US 8.8.8.8:53 73.134.33.63.in-addr.arpa udp
US 8.8.8.8:53 14.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 85.104.206.52.in-addr.arpa udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 252.254.107.34.in-addr.arpa udp
US 8.8.8.8:53 197.126.72.3.in-addr.arpa udp
US 8.8.8.8:53 11.94.239.18.in-addr.arpa udp
US 8.8.8.8:53 9.180.76.54.in-addr.arpa udp
US 8.8.8.8:53 prod.euid.eu udp
US 8.8.8.8:53 cdn.adsafeprotected.com udp
US 8.8.8.8:53 ats-wrapper.privacymanager.io udp
GB 142.250.187.226:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 cdn.pbxai.com udp
US 8.8.8.8:53 scripts.webcontentassessor.com udp
US 8.8.8.8:53 6093eccf-6734-4877-ac8b-83d6d0e27b46.prmutv.co udp
US 8.8.8.8:53 ep1.adtrafficquality.google udp
US 8.8.8.8:53 ib.adnxs.com udp
US 151.101.130.217:443 scripts.webcontentassessor.com tcp
DE 37.252.171.52:443 ib.adnxs.com tcp
GB 142.250.187.194:443 ep1.adtrafficquality.google tcp
US 35.241.9.51:443 6093eccf-6734-4877-ac8b-83d6d0e27b46.prmutv.co tcp
GB 143.244.38.136:443 cdn.pbxai.com tcp
GB 18.135.37.94:443 prod.euid.eu tcp
NL 18.239.36.12:443 cdn.adsafeprotected.com tcp
NL 18.239.18.96:443 ats-wrapper.privacymanager.io tcp
US 34.107.254.252:443 api.permutive.com udp
US 8.8.8.8:53 api.rlcdn.com udp
US 8.8.8.8:53 ep2.adtrafficquality.google udp
US 34.120.133.55:443 api.rlcdn.com tcp
US 104.17.108.19:443 cdn.permutive.com tcp
GB 172.217.169.1:443 ep2.adtrafficquality.google tcp
US 8.8.8.8:53 ssum-sec.casalemedia.com udp
US 8.8.8.8:53 ads.pubmatic.com udp
US 8.8.8.8:53 secure-assets.rubiconproject.com udp
US 8.8.8.8:53 pixel.advertising.com udp
US 8.8.8.8:53 ups.analytics.yahoo.com udp
US 8.8.8.8:53 match.sharethrough.com udp
US 8.8.8.8:53 visitor.omnitagjs.com udp
US 8.8.8.8:53 cs-server-s2s.yellowblue.io udp
DE 18.195.234.25:443 match.sharethrough.com tcp
FR 185.255.84.152:443 visitor.omnitagjs.com tcp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
GB 87.248.114.12:443 ups.analytics.yahoo.com tcp
US 8.8.8.8:53 sync.go.sonobi.com udp
US 8.8.8.8:53 us-u.openx.net udp
US 8.8.8.8:53 purch-sync.go.sonobi.com udp
US 8.8.8.8:53 eb2.3lift.com udp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 eus.rubiconproject.com udp
US 67.202.105.22:443 ssc-cms.33across.com tcp
US 69.166.1.67:443 purch-sync.go.sonobi.com tcp
IE 52.50.157.229:443 bcp.crwdcntrl.net tcp
US 76.223.111.18:443 eb2.3lift.com tcp
US 69.166.1.66:443 purch-sync.go.sonobi.com tcp
IE 52.50.157.229:443 bcp.crwdcntrl.net tcp
DE 18.195.234.25:443 match.sharethrough.com tcp
US 8.8.8.8:53 eu-west-1-cs-rtb.openwebmp.com udp
US 8.8.8.8:53 gum.aidemsrv.com udp
US 34.98.64.218:443 us-u.openx.net tcp
GB 216.58.204.65:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 player.aniview.com udp
DE 51.89.9.251:443 onetag-sys.com tcp
FR 51.178.195.212:443 ssbsync.smartadserver.com tcp
US 104.18.6.198:443 gum.aidemsrv.com tcp
NL 178.250.1.9:443 dis.criteo.com tcp
NL 18.239.18.87:443 eu-west-1-cs-rtb.openwebmp.com tcp
DE 148.251.40.117:443 sync.richaudience.com tcp
NL 46.228.174.117:443 sync.1rx.io tcp
US 8.8.8.8:53 creativecdn.com udp
US 8.2.108.175:443 bc-sync.com tcp
NL 18.239.94.99:443 pixel.servebom.com tcp
NL 35.214.192.66:443 csync.loopme.me tcp
US 8.8.8.8:53 b1sync.zemanta.com udp
US 8.8.8.8:53 rtb.bid.com udp
US 8.8.8.8:53 sync.srv.stackadapt.com udp
US 8.8.8.8:53 bttrack.com udp
US 8.8.8.8:53 id.rlcdn.com udp
US 8.8.8.8:53 secure-signals.permutive.app udp
US 8.8.8.8:53 grid-bidder.criteo.com udp
US 8.8.8.8:53 217.130.101.151.in-addr.arpa udp
US 8.8.8.8:53 136.38.244.143.in-addr.arpa udp
US 8.8.8.8:53 51.9.241.35.in-addr.arpa udp
US 8.8.8.8:53 94.37.135.18.in-addr.arpa udp
US 8.8.8.8:53 52.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 12.36.239.18.in-addr.arpa udp
US 8.8.8.8:53 96.18.239.18.in-addr.arpa udp
US 8.8.8.8:53 19.108.17.104.in-addr.arpa udp
US 8.8.8.8:53 55.133.120.34.in-addr.arpa udp
US 8.8.8.8:53 1.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 12.114.248.87.in-addr.arpa udp
US 8.8.8.8:53 152.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 18.111.223.76.in-addr.arpa udp
US 8.8.8.8:53 229.157.50.52.in-addr.arpa udp
US 8.8.8.8:53 218.64.98.34.in-addr.arpa udp
US 8.8.8.8:53 66.1.166.69.in-addr.arpa udp
US 8.8.8.8:53 67.1.166.69.in-addr.arpa udp
GB 2.18.190.80:443 player.aniview.com udp
US 8.2.108.175:443 bc-sync.com tcp
NL 18.239.94.99:443 pixel.servebom.com tcp
NL 35.214.192.66:443 csync.loopme.me tcp
US 34.98.64.218:443 us-u.openx.net udp
NL 18.239.94.99:443 pixel.servebom.com tcp
US 8.8.8.8:53 22.105.202.67.in-addr.arpa udp
US 34.160.229.218:443 secure-signals.permutive.app tcp
US 35.244.174.68:443 id.rlcdn.com udp
US 8.8.8.8:53 prebid.a-mo.net udp
US 64.74.236.31:443 b1sync.zemanta.com tcp
US 64.74.236.31:443 b1sync.zemanta.com tcp
US 192.132.33.67:443 bttrack.com tcp
US 8.8.8.8:53 tlx.3lift.com udp
US 8.8.8.8:53 fastlane.rubiconproject.com udp
US 8.8.8.8:53 ads.yieldmo.com udp
US 8.8.8.8:53 pixel.adsafeprotected.com udp
DE 3.124.64.248:443 tlx.3lift.com tcp
FR 163.5.194.36:443 prebid.a-mo.net tcp
NL 178.250.1.4:443 grid-bidder.criteo.com tcp
DE 162.19.138.116:443 lb.eu-1-id5-sync.com tcp
NL 18.239.94.99:443 pixel.servebom.com tcp
NL 185.184.8.90:443 creativecdn.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
IE 52.51.152.28:443 ads.yieldmo.com tcp
US 44.217.187.31:443 sync.srv.stackadapt.com tcp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 image6.pubmatic.com udp
IE 34.251.68.42:443 pixel.adsafeprotected.com tcp
GB 185.64.190.78:443 image6.pubmatic.com tcp
GB 74.125.133.155:443 stats.g.doubleclick.net udp
US 216.239.34.36:443 region1.analytics.google.com udp
GB 142.250.200.3:443 www.google.co.uk udp
GB 172.217.169.1:443 ep2.adtrafficquality.google udp
US 44.217.187.31:443 sync.srv.stackadapt.com tcp
GB 172.217.169.36:443 www.google.com udp
GB 172.217.169.36:443 www.google.com udp
US 8.8.8.8:53 aax-eu.amazon-adsystem.com udp
US 8.8.8.8:53 198.6.18.104.in-addr.arpa udp
US 8.8.8.8:53 87.18.239.18.in-addr.arpa udp
US 8.8.8.8:53 99.94.239.18.in-addr.arpa udp
US 8.8.8.8:53 218.229.160.34.in-addr.arpa udp
US 8.8.8.8:53 80.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 36.194.5.163.in-addr.arpa udp
US 8.8.8.8:53 4.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 248.64.124.3.in-addr.arpa udp
US 8.8.8.8:53 67.33.132.192.in-addr.arpa udp
US 8.8.8.8:53 90.8.184.185.in-addr.arpa udp
US 8.8.8.8:53 139.156.173.69.in-addr.arpa udp
US 8.8.8.8:53 31.236.74.64.in-addr.arpa udp
US 8.8.8.8:53 28.152.51.52.in-addr.arpa udp
US 8.8.8.8:53 78.190.64.185.in-addr.arpa udp
US 8.8.8.8:53 42.68.251.34.in-addr.arpa udp
US 8.8.8.8:53 31.187.217.44.in-addr.arpa udp
US 8.8.8.8:53 25.234.195.18.in-addr.arpa udp
US 8.8.8.8:53 cb7e4060a4f5f281694d0932f2c44064.safeframe.googlesyndication.com udp
US 8.8.8.8:53 1x1.a-mo.net udp
DE 35.156.5.136:443 1x1.a-mo.net tcp
US 8.8.8.8:53 cs.admanmedia.com udp
US 8.8.8.8:53 sync.adotmob.com udp
US 34.36.216.150:443 pixel-sync.sitescout.com udp
NL 69.173.156.148:443 token.rubiconproject.com tcp
US 80.77.87.162:443 cs.admanmedia.com tcp
FR 45.137.176.88:443 sync.adotmob.com tcp
FR 91.134.110.137:443 rtb-csync.smartadserver.com tcp
US 8.8.8.8:53 136.5.156.35.in-addr.arpa udp
US 8.8.8.8:53 88.176.137.45.in-addr.arpa udp
US 8.8.8.8:53 162.87.77.80.in-addr.arpa udp
IE 63.33.134.73:443 eventsproxy.gargantuan.futureplc.com tcp
US 8.8.8.8:53 api.mf.webcontentassessor.com udp
US 8.8.8.8:53 gum.criteo.com udp
NL 18.238.243.5:443 api.mf.webcontentassessor.com tcp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 sync.a-mo.net udp
GB 2.18.190.81:443 acdn.adnxs.com tcp
NL 178.250.1.11:443 gum.criteo.com tcp
US 8.8.8.8:53 scripts.mf.webcontentassessor.com udp
FR 163.5.194.31:443 sync.a-mo.net tcp
NL 18.239.94.18:443 scripts.mf.webcontentassessor.com tcp
US 8.8.8.8:53 d2gu4mply2nsyq.cloudfront.net udp
NL 18.239.63.190:443 d2gu4mply2nsyq.cloudfront.net tcp
GB 216.58.204.66:443 cm.g.doubleclick.net udp
US 8.8.8.8:53 wt.rqtrk.eu udp
DE 57.129.18.109:443 wt.rqtrk.eu tcp
US 8.8.8.8:53 aaab3e7919ef302710ec7df1d450ef83.safeframe.googlesyndication.com udp
US 8.8.8.8:53 5.243.238.18.in-addr.arpa udp
US 8.8.8.8:53 81.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 11.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 31.194.5.163.in-addr.arpa udp
US 8.8.8.8:53 18.94.239.18.in-addr.arpa udp
US 8.8.8.8:53 190.63.239.18.in-addr.arpa udp
US 8.8.8.8:53 assets.a-mo.net udp
US 104.19.158.19:443 assets.a-mo.net tcp
US 8.8.8.8:53 check.analytics.rlcdn.com udp
US 8.8.8.8:53 res.cloudinary.com udp
NL 13.227.219.17:443 check.analytics.rlcdn.com tcp
US 104.17.201.1:443 res.cloudinary.com tcp
US 104.17.201.1:443 res.cloudinary.com tcp
US 8.8.8.8:53 109.18.129.57.in-addr.arpa udp
US 8.8.8.8:53 19.158.19.104.in-addr.arpa udp
US 8.8.8.8:53 17.219.227.13.in-addr.arpa udp
US 8.8.8.8:53 1.201.17.104.in-addr.arpa udp
GB 142.250.187.194:443 ep1.adtrafficquality.google udp
US 8.8.8.8:53 id.a-mx.com udp
US 8.8.8.8:53 dnacdn.net udp
DE 79.127.216.47:443 id.a-mx.com tcp
US 8.8.8.8:53 ag.gbc.criteo.com udp
US 8.8.8.8:53 gem.gbc.criteo.com udp
FR 178.250.7.13:443 dnacdn.net tcp
NL 185.235.87.106:443 gem.gbc.criteo.com tcp
FR 185.235.86.133:443 ag.gbc.criteo.com tcp
US 8.8.8.8:53 ad.360yield.com udp
NL 188.166.203.175:443 brightcombid.marphezis.com tcp
US 34.120.63.153:443 prebid.media.net udp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
IE 54.76.209.116:443 ad.360yield.com tcp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
US 8.8.8.8:53 id.rtb.mx udp
US 8.8.8.8:53 prebid.adnxs.com udp
NL 79.127.227.46:443 id.rtb.mx tcp
NL 185.89.208.11:443 prebid.adnxs.com tcp
NL 185.64.189.116:443 ow.pubmatic.com tcp
US 8.8.8.8:53 47.216.127.79.in-addr.arpa udp
US 8.8.8.8:53 13.7.250.178.in-addr.arpa udp
US 8.8.8.8:53 106.87.235.185.in-addr.arpa udp
US 8.8.8.8:53 133.86.235.185.in-addr.arpa udp
US 8.8.8.8:53 116.209.76.54.in-addr.arpa udp
US 8.8.8.8:53 46.227.127.79.in-addr.arpa udp
US 8.8.8.8:53 150.84.255.185.in-addr.arpa udp
US 8.8.8.8:53 116.189.64.185.in-addr.arpa udp
US 8.8.8.8:53 11.208.89.185.in-addr.arpa udp
US 8.8.8.8:53 s.richaudience.com udp
DE 178.63.241.79:443 s.richaudience.com tcp
US 8.8.8.8:53 43.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 79.241.63.178.in-addr.arpa udp
US 104.17.245.203:443 unpkg.com tcp
US 8.8.8.8:53 www.facebook.com udp
GB 163.70.151.35:443 www.facebook.com tcp
GB 216.58.213.14:443 www3.doubleclick.net udp
GB 142.250.187.238:443 marketingplatform.google.com udp
US 8.8.8.8:53 static.xx.fbcdn.net udp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
GB 163.70.151.21:443 static.xx.fbcdn.net tcp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 scontent.xx.fbcdn.net udp
NL 178.250.1.4:443 grid-bidder.criteo.com tcp
US 8.8.8.8:53 99133786de2a45f65a6203b0b9a327f4.safeframe.googlesyndication.com udp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
GB 142.250.187.194:443 ep1.adtrafficquality.google udp
DE 79.127.216.47:443 id.rtb.mx tcp
NL 46.228.174.117:443 sync.1rx.io tcp
NL 79.127.227.46:443 id.rtb.mx tcp
US 8.8.8.8:53 veryfast.io udp
US 8.8.8.8:53 adclick.g.doubleclick.net udp
US 8.8.8.8:53 api.pbxai.com udp
US 64.227.17.224:443 veryfast.io tcp
US 64.227.17.224:443 veryfast.io tcp
US 52.21.157.121:443 api.pbxai.com tcp
GB 216.58.201.98:443 adclick.g.doubleclick.net tcp
US 52.21.157.121:443 api.pbxai.com tcp
US 8.8.8.8:53 98.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 224.17.227.64.in-addr.arpa udp
US 8.8.8.8:53 121.157.21.52.in-addr.arpa udp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 aax.amazon-adsystem.com udp
US 8.8.8.8:53 c.amazon-adsystem.com udp
GB 142.250.187.226:443 securepubads.g.doubleclick.net udp
NL 18.239.36.12:443 cdn.adsafeprotected.com tcp
US 8.8.8.8:53 config.aps.amazon-adsystem.com udp
NL 18.239.70.203:443 c.amazon-adsystem.com tcp
US 8.8.8.8:53 tags.crwdcntrl.net udp
NL 18.238.243.122:443 config.aps.amazon-adsystem.com tcp
NL 18.239.14.239:443 aax.amazon-adsystem.com tcp
US 172.67.38.106:443 cdn.id5-sync.com tcp
US 8.8.8.8:53 repcdn.pcapp.store udp
US 8.8.8.8:53 files03.tchspt.com udp
NL 195.181.172.3:443 repcdn.pcapp.store tcp
US 104.26.15.232:443 files03.tchspt.com tcp
SE 192.229.221.95:80 sf.symcb.com tcp
US 8.8.8.8:53 122.243.238.18.in-addr.arpa udp
US 8.8.8.8:53 239.14.239.18.in-addr.arpa udp
US 8.8.8.8:53 3.172.181.195.in-addr.arpa udp
US 8.8.8.8:53 232.15.26.104.in-addr.arpa udp
NL 35.214.132.64:443 csync.loopme.me tcp
NL 35.214.132.64:443 csync.loopme.me tcp
US 8.8.8.8:53 b.clarity.ms udp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 csm.nl3.eu.criteo.net udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
US 8.8.8.8:53 25.1.250.178.in-addr.arpa udp
US 8.8.8.8:53 floor.pbxai.com udp
GB 18.168.172.212:443 floor.pbxai.com tcp
US 34.160.229.218:443 secure-signals.permutive.app udp
US 8.8.8.8:53 212.172.168.18.in-addr.arpa udp
NL 178.250.1.4:443 grid-bidder.criteo.com tcp
DE 37.252.171.52:443 ib.adnxs.com tcp
NL 69.173.156.139:443 fastlane.rubiconproject.com tcp
US 8.8.8.8:53 df7236d90fb0da0e175becf88b17189c.safeframe.googlesyndication.com udp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 7d5ea516a5f2a6ace9179a1a0d3fd505.safeframe.googlesyndication.com udp
FR 185.235.86.133:443 ag.gbc.criteo.com tcp
NL 185.235.87.106:443 gem.gbc.criteo.com tcp
NL 208.93.169.131:443 bh.contextweb.com tcp
US 8.8.8.8:53 pixel-eu.rubiconproject.com udp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
GB 216.58.204.65:443 tpc.googlesyndication.com udp
GB 172.217.169.33:443 cdn.ampproject.org udp
US 8.8.8.8:53 ads2.servebom.com udp
US 8.8.8.8:53 a4437.casalemedia.com udp
US 8.8.8.8:53 k8s1-event-tracker-am.lb.indexww.com udp
IE 34.250.140.68:443 ads2.servebom.com tcp
CA 185.170.62.59:443 a4437.casalemedia.com tcp
NL 185.80.36.156:443 k8s1-event-tracker-am.lb.indexww.com tcp
GB 216.58.204.65:443 tpc.googlesyndication.com udp
GB 172.217.169.36:443 www.google.com udp
NL 69.173.156.148:443 pixel-eu.rubiconproject.com tcp
US 8.8.8.8:53 156.36.80.185.in-addr.arpa udp
US 8.8.8.8:53 59.62.170.185.in-addr.arpa udp
US 8.8.8.8:53 68.140.250.34.in-addr.arpa udp
US 8.8.8.8:53 img.youtube.com udp
GB 18.168.172.212:443 floor.pbxai.com tcp
US 8.8.8.8:53 73ba07532b7b79509cfc2d5508d71a0d.safeframe.googlesyndication.com udp
US 8.8.8.8:53 8991b6cc86101973efd4c9a992742164.safeframe.googlesyndication.com udp
US 8.8.8.8:53 dc615e821b2dda30b8b0029b7e473ea3.safeframe.googlesyndication.com udp
US 104.16.79.73:443 static.cloudflareinsights.com tcp
US 8.8.8.8:53 efe913720f89b2e46ca09a14a47ff4db.safeframe.googlesyndication.com udp
US 8.8.8.8:53 bordeaux.futurecdn.net udp
US 8.8.8.8:53 files02.tchspt.com udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
GB 2.18.27.82:443 th.bing.com tcp
CA 15.235.9.150:80 15.235.9.150 tcp
CA 15.235.9.150:80 15.235.9.150 tcp
CA 15.235.9.150:80 15.235.9.150 tcp
CA 15.235.9.150:80 15.235.9.150 tcp
CA 15.235.9.150:80 15.235.9.150 tcp
CA 15.235.9.150:80 15.235.9.150 tcp
CA 15.235.9.150:8443 tcp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 use.fontawesome.com udp
US 8.8.8.8:53 code.jquery.com udp
US 151.101.193.229:443 cdn.jsdelivr.net tcp
US 151.101.193.229:443 cdn.jsdelivr.net tcp
US 151.101.130.137:443 code.jquery.com tcp
US 104.21.27.152:443 use.fontawesome.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 150.9.235.15.in-addr.arpa udp
US 8.8.8.8:53 229.193.101.151.in-addr.arpa udp
US 8.8.8.8:53 152.27.21.104.in-addr.arpa udp
US 8.8.8.8:53 14.24.17.104.in-addr.arpa udp
US 8.8.8.8:53 137.130.101.151.in-addr.arpa udp
US 8.8.8.8:53 c.pubguru.net udp
US 104.21.27.152:443 use.fontawesome.com tcp
US 8.8.8.8:53 rbx.how udp
NL 18.239.50.65:80 c.pubguru.net tcp
US 172.67.218.34:443 rbx.how tcp
US 172.67.218.34:443 rbx.how tcp
US 172.67.218.34:443 rbx.how tcp
US 172.67.218.34:443 rbx.how tcp
US 172.67.218.34:443 rbx.how tcp
US 172.67.218.34:443 rbx.how tcp
US 104.17.245.203:443 unpkg.com tcp
US 8.8.8.8:53 c.amazon-adsystem.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 tr.rbxcdn.com udp
US 8.8.8.8:53 a3.pubguru.net udp
GB 2.18.190.77:443 tr.rbxcdn.com tcp
GB 2.18.190.77:443 tr.rbxcdn.com tcp
GB 2.18.190.77:443 tr.rbxcdn.com tcp
GB 2.18.190.77:443 tr.rbxcdn.com tcp
GB 2.18.190.77:443 tr.rbxcdn.com tcp
GB 2.18.190.77:443 tr.rbxcdn.com tcp
DE 3.120.78.153:443 a3.pubguru.net tcp
GB 142.250.200.3:443 www.google.co.uk udp
GB 142.250.187.226:80 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 cmp.quantcast.com udp
US 8.8.8.8:53 claimrbx.gg udp
CA 15.235.9.150:8443 claimrbx.gg tcp
NL 18.239.83.22:443 cmp.quantcast.com tcp
US 8.8.8.8:53 65.50.239.18.in-addr.arpa udp
US 8.8.8.8:53 34.218.67.172.in-addr.arpa udp
US 8.8.8.8:53 77.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 153.78.120.3.in-addr.arpa udp
GB 172.217.169.78:443 www.youtube.com udp
DE 3.120.78.153:443 a3.pubguru.net tcp
GB 142.250.187.226:443 securepubads.g.doubleclick.net udp
DE 3.120.78.153:443 a3.pubguru.net tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.213.14:443 www.youtube.com udp
GB 216.58.201.118:443 i.ytimg.com tcp
GB 142.250.187.238:443 www.youtube.com udp
GB 172.217.16.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 118.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 static.doubleclick.net udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 yt3.ggpht.com udp
GB 216.58.212.234:443 jnn-pa.googleapis.com tcp
GB 216.58.212.230:443 static.doubleclick.net tcp
GB 172.217.169.36:443 www.google.com udp
GB 142.250.180.1:443 yt3.ggpht.com tcp
US 34.160.229.218:443 secure-signals.permutive.app udp
GB 216.58.212.234:443 jnn-pa.googleapis.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.187.206:443 play.google.com tcp
GB 142.250.187.206:443 play.google.com udp
NL 178.250.1.25:443 csm.nl3.eu.criteo.net tcp
US 8.8.8.8:53 230.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 206.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 1.180.250.142.in-addr.arpa udp
DE 162.19.138.82:443 lb.eu-1-id5-sync.com tcp
CA 15.235.9.150:80 claimrbx.gg tcp
CA 15.235.9.150:80 claimrbx.gg tcp
US 151.101.193.229:443 cdn.jsdelivr.net udp
CA 15.235.9.150:8443 claimrbx.gg tcp
US 216.239.34.36:443 region1.google-analytics.com udp
CA 15.235.9.150:8443 claimrbx.gg tcp
US 8.8.8.8:53 b.clarity.ms udp
US 4.153.129.168:443 b.clarity.ms tcp
CA 15.235.9.150:80 claimrbx.gg tcp
US 8.8.8.8:53 wall.adgaterewards.com udp
CA 15.235.9.150:80 claimrbx.gg tcp
CA 15.235.9.150:80 claimrbx.gg tcp
CA 15.235.9.150:80 claimrbx.gg tcp
US 104.21.46.132:443 wall.adgaterewards.com tcp
US 8.8.8.8:53 discord.gg udp
US 8.8.8.8:53 cdn.discordapp.com udp
US 162.159.135.233:443 cdn.discordapp.com tcp
US 162.159.135.233:443 cdn.discordapp.com tcp
CA 15.235.9.150:8443 claimrbx.gg tcp
US 8.8.8.8:53 132.46.21.104.in-addr.arpa udp
US 8.8.8.8:53 233.135.159.162.in-addr.arpa udp
US 8.8.8.8:53 malsup.github.io udp
CA 15.235.9.150:8443 claimrbx.gg tcp
US 185.199.108.153:80 malsup.github.io tcp
US 8.8.8.8:53 153.108.199.185.in-addr.arpa udp
CA 15.235.9.150:80 claimrbx.gg tcp
DE 3.120.78.153:443 a3.pubguru.net tcp
CA 15.235.9.150:80 claimrbx.gg tcp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 10.28.171.150.in-addr.arpa udp
CA 15.235.9.150:80 claimrbx.gg tcp
US 8.8.8.8:53 tse3.mm.bing.net udp
US 8.8.8.8:53 wordwall.net udp
IE 20.238.3.66:443 wordwall.net tcp
IE 20.238.3.66:443 wordwall.net tcp
US 8.8.8.8:53 wordwallapp.azureedge.net udp
US 152.199.19.161:443 wordwallapp.azureedge.net tcp
US 152.199.19.161:443 wordwallapp.azureedge.net tcp
US 152.199.19.161:443 wordwallapp.azureedge.net tcp
US 152.199.19.161:443 wordwallapp.azureedge.net tcp
US 152.199.19.161:443 wordwallapp.azureedge.net tcp
US 152.199.19.161:443 wordwallapp.azureedge.net tcp
US 152.199.19.161:443 wordwallapp.azureedge.net tcp
US 152.199.19.161:443 wordwallapp.azureedge.net tcp
US 152.199.19.161:443 wordwallapp.azureedge.net tcp
US 152.199.19.161:443 wordwallapp.azureedge.net tcp
US 152.199.19.161:443 wordwallapp.azureedge.net tcp
US 152.199.19.161:443 wordwallapp.azureedge.net tcp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.200.46:443 apis.google.com tcp
US 8.8.8.8:53 accounts.google.com udp
NL 173.194.69.84:443 accounts.google.com tcp
US 8.8.8.8:53 wordwallthemes.azureedge.net udp
US 8.8.8.8:53 66.3.238.20.in-addr.arpa udp
US 8.8.8.8:53 161.19.199.152.in-addr.arpa udp
US 8.8.8.8:53 84.69.194.173.in-addr.arpa udp
US 8.8.8.8:53 www.clarity.ms udp
US 8.8.8.8:53 wordwalluser.azureedge.net udp
US 13.107.246.64:443 www.clarity.ms tcp
US 216.239.34.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 wordwallthemeassets.blob.core.windows.net udp
IE 20.60.204.97:443 wordwallthemeassets.blob.core.windows.net tcp
IE 20.60.204.97:443 wordwallthemeassets.blob.core.windows.net tcp
IE 20.60.204.97:443 wordwallthemeassets.blob.core.windows.net tcp
IE 20.60.204.97:443 wordwallthemeassets.blob.core.windows.net tcp
IE 20.60.204.97:443 wordwallthemeassets.blob.core.windows.net tcp
IE 20.60.204.97:443 wordwallthemeassets.blob.core.windows.net tcp
US 4.153.129.168:443 b.clarity.ms tcp
US 4.153.129.168:443 b.clarity.ms tcp
US 8.8.8.8:53 97.204.60.20.in-addr.arpa udp
CA 15.235.9.150:80 claimrbx.gg tcp
US 8.8.8.8:53 update.googleapis.com udp
US 8.8.8.8:53 update.googleapis.com udp
GB 216.58.204.67:443 update.googleapis.com tcp
GB 216.58.204.67:443 update.googleapis.com tcp
US 8.8.8.8:53 updates.discord.com udp
US 162.159.137.232:443 updates.discord.com tcp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 232.137.159.162.in-addr.arpa udp
US 8.8.8.8:53 123.35.104.34.in-addr.arpa udp
GB 216.58.204.67:443 update.googleapis.com udp
CA 15.235.9.150:80 claimrbx.gg tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 b.clarity.ms udp
US 4.153.129.168:443 b.clarity.ms tcp
CA 15.235.9.150:80 claimrbx.gg tcp
CA 15.235.9.150:80 claimrbx.gg tcp
CA 15.235.9.150:80 claimrbx.gg tcp
CA 15.235.9.150:80 claimrbx.gg tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
CA 15.235.9.150:80 claimrbx.gg tcp
US 8.8.8.8:53 36.32.239.216.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 fccab8a2a3330ebd702a08d6cc6c1aee
SHA1 2d0ea7fa697cb1723d240ebf3c0781ce56273cf7
SHA256 fa39b46c6f11977f5a2e6f4cd495db424063320fbac26a2eae7466e82ffeb712
SHA512 5339b52bad5dff926b66044067aa3e1a6147c389a27ebd89b0f16e1267621d7ce7af9810010bee81cba7b08c77a33ede8ef4675fe049b9fb2ed510fcaef93d6e

\??\pipe\LOCAL\crashpad_1624_XXYUSIXAPEJOFXGF

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Edge Profile.ico

MD5 e5e3377341056643b0494b6842c0b544
SHA1 d53fd8e256ec9d5cef8ef5387872e544a2df9108
SHA256 e23040951e464b53b84b11c3466bbd4707a009018819f9ad2a79d1b0b309bc25
SHA512 83f09e48d009a5cf83fa9aa8f28187f7f4202c84e2d0d6e5806c468f4a24b2478b73077381d2a21c89aa64884df3c56e8dc94eb4ad2d6a8085ac2feb1e26c2ef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 9d533e1f93a61b94eea29bf4313b0a8e
SHA1 96c1f0811d9e2fbf408e1b7186921b855fc891db
SHA256 ae95a7d192b6dfed1a8a5611850df994c63ba2038018901d59ef4dae64b74ed3
SHA512 b10de657d0cef4255e96daa1b6ad0c99c70b16c13b8e86790ea226e37e9ded1a8f8bed1e137f976d86ebc3ea9a4b5eb67ce2f5b0200025d35dc8e94c947ff3f5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3142d9075ba16184ad5df75c07d1f304
SHA1 1c898c12ac65d679d9fd347e7c968a57f102a88b
SHA256 eddfb4af52ce0790dcceef2b67a1b4038e99af2cbaf8d685f383843a6e57726e
SHA512 88cafd69a5a97a0848f12b480e450850e189417cd687ed975cd60614408706f0ba24f6b595582fbc0ba914c4ed495be52842e5ce416ad076e8de21250956888a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 ed659b1d7a51e558246bd24f62fff931
SHA1 84685d6f04379c290e4261ff04e9e1879d54d42c
SHA256 23fafd9073812d5ff8b523b84bc981e4cb410bebbf3675db2b29cfac0dae9690
SHA512 1c3203328583241895db9fb165fcfd595f642e218ee3a453ab6873cbac10ddab693cd2f913bab15c8bb7b5a12c5768b3dfcb278aad754dec1fbffe66b81843cc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

MD5 734e5dfdd50847b7b16776c7dd29edc0
SHA1 251ef1d48091b6ce594646f590912f04483c3c2e
SHA256 27e97d72fe2af972eac836d11c98b81daf29355871017d794c8a143ad2e31679
SHA512 8026d18bbe23c4ca1e31030cfef8729a424bf0918cf7eccbb758f4f3f56a3d070ed03bfbcd0f2f968fd728096991069892678c7bf584c9763188bb3bf3b45d66

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

MD5 55540a230bdab55187a841cfe1aa1545
SHA1 363e4734f757bdeb89868efe94907774a327695e
SHA256 d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
SHA512 c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 e2558e11ff0cfd631caf85950f54f866
SHA1 a147d9257068441a6e6a0ce767b785298139c8bf
SHA256 b2df6a6013f6673d11d6f40e6246690770344ba955d0f6c0cf47bf4ba00b6a5f
SHA512 612b89547a65560cd753b29492875518627d329ec558b9adff7fc0081bbe7e3a07d508d5e58bd8654dd6e7b7aa40078f2f639ef676450a478933c154430adbb8

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms

MD5 eb5e1c0ac825119722775d24be58c0de
SHA1 36841b494e39478eb0adc4bda9bcaaa8d27e2c5e
SHA256 6b8bb09f365849ce44a50b7726527a9f31eed98dc2c237b33486f0ecda45c89e
SHA512 8075bb2335f8566d7c4c9f0b94e26819cdafa296f8eb720aa01a933d66d47ed633fd60926e01ba19e0460cfbb098db777d06cef6119cb6654e5d4df69e4c45e4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\DABA17F5E36CBE65640DD2FE24F104E7

MD5 14cb264f96a28423d79a2988d891a420
SHA1 c1a8fc57df4f02d9947f3dcb538ca201e21fd353
SHA256 7537cc677eea8444ff3c2435a56e7a8e6440eb3edc558cd5aa422348f6426a0d
SHA512 488f859bc5d1fb5d7598f8c5960eada246a2736e0686d457770fb9ab5489c9012fb00475498c34074362cbdd08492fc4fadc2a8c89ce4742e73266f738b98ee4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\DABA17F5E36CBE65640DD2FE24F104E7

MD5 c6150925cfea5941ddc7ff2a0a506692
SHA1 9e99a48a9960b14926bb7f3b02e22da2b0ab7280
SHA256 28689b30e4c306aab53b027b29e36ad6dd1dcf4b953994482ca84bdc1ecac996
SHA512 b3bd41385d72148e03f453e76a45fcd2111a22eff3c7f1e78e41f6744735444e058144ed68af88654ee62b0f117949f35739daad6ad765b8cde1cff92ed2d00c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 48594ad57bffb43d4dfb2f24f5751cc6
SHA1 6f23156a2cf208259a2c66385d7c14416b1a1251
SHA256 28ac5a1921cb6ee83dab167868428b743d231308b0a9c8d3091b85970fe8f533
SHA512 8eb0c50752601f446d71bcec15a2389fb54e8f58efc27ceb43dba1d6c9692284de9d5696be45f9e13a9440ec6e736adb6afbced56a39912f8e04443c667229aa

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 5599bf5340b57f0563c6595d1c14d787
SHA1 17cdc5f864001b982fc0d31544499fe88fbc6c7a
SHA256 cebeffc97c95f7f1c6967f44352acfc99bee8da133ae9065dd0c4c01e35db230
SHA512 26c9fd3d37a603d7286e8c665d03ee905daf5a45104ad66a2e72a768daf25e685244a8c026e9c9aec81e7a97b692d8c8b341cb34d3b93fd119d07bf8a1a01bbe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 7ec09c7cbd7cb0b8a777b3a9e2a1892e
SHA1 3b07979e57b6c93be7d5a6cd8fa954dee91bd8dd
SHA256 a623633f34a241b0dbc9fd26f34446d716955f94e90b2ff9ac8b9df801bdae5e
SHA512 5fff0a38a3b6e4b29d402eef2650011e4d9df514e0624767c84ea31cb73cbba10c7e0b5711cb487976d637f0f60a85c431cf0db54b519411245684c116c07b7b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 285252a2f6327d41eab203dc2f402c67
SHA1 acedb7ba5fbc3ce914a8bf386a6f72ca7baa33c6
SHA256 5dfc321417fc31359f23320ea68014ebfd793c5bbed55f77dab4180bbd4a2026
SHA512 11ce7cb484fee66894e63c31db0d6b7ef66ad0327d4e7e2eb85f3bcc2e836a3a522c68d681e84542e471e54f765e091efe1ee4065641b0299b15613eb32dcc0d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001d

MD5 6b04ab52540bdc8a646d6e42255a6c4b
SHA1 4cdfc59b5b62dafa3b20d23a165716b5218aa646
SHA256 33353d2328ea91f6abf5fb5c5f3899853dcc724a993b9086cab92d880da99f4d
SHA512 4f3b417c77c65936486388b618a7c047c84fb2e2dd8a470f7fe4ffec1ad6699d02fa9c1bbd551414eef0f2e6747a9ee59ca87198b20f9f4a9a01394ae69fa730

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 21659b4a7d81a7bd74330e6501b8a997
SHA1 62b703be2a7158214fbff26612d405f3ffdf4f4d
SHA256 12bfc1119dd26520a0e850d907bfa3382d8e96770e13b77c43ec936ac75e82cc
SHA512 ab0928666da95e46ac78e2274fb8c2b7781532312817ef6835a3aba86af5bed7408ef33fea2e7bb9997d28f23aafe7cdb0bb3d0d69350efd4330478a63f59983

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 bc478f981c810eb7f03dee5ce3cf4c3f
SHA1 9cd9bd445ddba78e65151a84c8188cfa8c0413e1
SHA256 99ce5d44180a56f7f65e18ec2fc178d7a646290039f3129dc0c01fe81ab0a49b
SHA512 8e130b7fcf4eceeb5ffb3aa3626b7c2bca1c2989f1db94a098f4d15c1481bf04829bc059b3bc2a47933106e2da70f122f31ada35ae9908571c2b9fc10745335d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57ebc7.TMP

MD5 928dd84358d4719f87f287f9f97d8f5a
SHA1 57c33f715dbddee98bf50c5c94cde652a4780e1b
SHA256 6f14511b88cb4c64515b139290acdd3760b1572f63c4ec3a6bbbc2e596e25f85
SHA512 e5b2a3192e42991b90f5bed77a1d555edd833437c202c181c7ec41667be0bd6d19d385ac9eaf61ccd33bf2a369bf02cce0631938c2aae011f918920be2823ad4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 5627ecbd1048f112679a6a85b1316aa4
SHA1 24cfbb162eb8842f7debccafa74e7e2259caa4bd
SHA256 570af69bad39cc5217e9b9e523769eea2229e78c6a335e6081951a98bdd08064
SHA512 3913bc83adde55ad39c875895d18e8c21d10b9b1cd2a01fdda3853470a66aa42f635b6d0e718ba2ce1732af80c6eb3f786bfe3b1a4a1f71c3180f5e2664e0b27

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57f349.TMP

MD5 a03ae68fe949f02bbf015f24401428c9
SHA1 b8f3d288fcfdc8481444258b1900ab439f9aa777
SHA256 3e4818234a6f9a74348435cccce418a9f8684de7d80e68c8ac8c31715997287b
SHA512 1f1c71696aa0051be5be7628410fe2c0d186cd71e08993d6c52871ea5bdd28444eaff44577fb749d3e274968864569992314d848a5d3ae9fe05267f0c251a06f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000a

MD5 b22d1ebddff2a13f199b4354e14ae689
SHA1 94ed48806072477938ec409fbb4b83180803dcf3
SHA256 38088f16c19b83b0fe460e578093d9b5f72157f44e4bcf59a69c994dcf212a37
SHA512 b5336cafdc9e8d96267b02d31ccc73351784148282889c6e9819b99015d07ef0cf9c62d8f8a21894ff5f0ae51202dca0d6cf1aa9a2bf62cbc278dba42094ff9f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008

MD5 e85a88a15f443d63ecf00171e542c427
SHA1 4f49bd8e59bc347c6c4b0d668e61491be0f1d438
SHA256 238f1e74b4191a1a2773099fe40c64daeaa001fedf87931a5a2c9b1bd9edfd80
SHA512 4ff643bc038af2118f4671a2aa918396f8532a4d703487e7759003dd3c64f6988fc18648e4f5e67a3c7eba8225af98dd67f77b4cb6df871834a2c68c77eeeb62

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000d

MD5 29fc455c42db606d4d71d5872bd49932
SHA1 de824917358df466a45dc4e9992468dfc2a5fa9c
SHA256 0f26212e5ab094e48a5e8098f6ad8c27199032a64a1de7e3232d3790c7307c57
SHA512 02daad2667d792b0011fb2ee1187872ea75d90f5962fd2816fce105af2438888345cf9d0e99bde3cf457b4d9e0c9c6ea54f18be2911120ee10dc4d447923159f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003

MD5 24aafdc3de0100622ebdb778f8597cce
SHA1 eb596e0339976d95d67fbd03476bfc0893c32cee
SHA256 33f46c079504e967859cffb69162ab489c3b4bbe070af18253e60425cee34dd0
SHA512 b5c3b500e928d402526af4603e4e7b9e801bc9842f381dbbba75939c824aeb40d9ebbd3de1e2a155f690e8c9b9ce0efe6f3196739c031f74a428ac673dd1b185

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004

MD5 8ad04f19bf70f5cf330752244dd8a5bf
SHA1 7076e75cfba995209d990ea6436cc1e35efccd2f
SHA256 8f9f6500a484f9c529b47669e78a5672a515ce00f9bd325b3e0d15d1d95de69c
SHA512 4b49abc56fc26aadf5dac9d76ab9a507592a59c797739f39cb5e8d2efdcffd2d37ca4c05c9e362aea17e3cbf16ebd86650baab5b3a672366fac8f5da72d79fb3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006

MD5 35f71e18d585148cffe00ef4fbf2b0aa
SHA1 35cd9159f0950dd7f1dbad07a3a21b4e76dad3d6
SHA256 7a79ac14c1ac0d704720fa371178e6ff915a5fc773e4a1a1522a511172ef9010
SHA512 97b9f579c2a92a7061f7164134104d7d1197311d00cd83e36c95fc6df2e6c5a514c25cfc64bd378380cc1f92705879c2db73903c9614b6fdf5e417e7fccedc2b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000009

MD5 e5db34b36cb7d9a26d941e136d9d0ffe
SHA1 9178fa7dd260e4bdde24e775fad0935fc9dc79a2
SHA256 57aec6f090169aa9333c71ade8e3b71c7ca28be33f3bb22911da467cc9fe13f8
SHA512 1cee2419d75f5eb5b3e529f5d3f457d6e20897254b5307b3395a2401fbc65e4bdaabe8828e9f189cdda6bf2b0d7c3b6c68781dad8e70ae35e31e5a000ff35b15

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002c

MD5 de6d7d41b4f2a683c66d3c8a04af11a6
SHA1 8b1496fa9c54c8db54227ba9d4d4ad18384d9250
SHA256 ebeeeace89c4a31d43b0c0a3aea5b81863d36bfb37e03f9a441ac67cda86c8d8
SHA512 f2c3dd45f29bd4cde8749ed5abe306e7f420c14b1e62af58df54d1c6589a6fdd0b29a2acb9688d098ba96344630ec6c92e71345805f058b8f28a1383f4f11061

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000e

MD5 d09be58a72bdb5560a12ee3dbb295051
SHA1 21accfc81e9e30fb4230b83842581b48a5ae3f03
SHA256 c76a08c33980667b339cb138d6c20106ad05e46f53714a61051a866e7fbb6790
SHA512 9498246f3cb029039c3cbb3993515f09a039537462e382aa5fc078d850ee8226f45596ad51d31a1015a3cdc08740bb302ee52b8e1e1a3f4c78660480562c77ca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000f

MD5 eda9e3098191a0cb81ff30d2ca1015df
SHA1 2faa1bd7f0a398b7f58986c879d449d1af7c714b
SHA256 a6b28ec4c9ec313359a99949badf967fc6b8c97d928a355a2b303664ca268c82
SHA512 3a161e97ccaac85822ff828563c0c130f11c96d94cfe26af4b4eabe3c4b89964f0687f8806063a33a52d5be27329fad4333b513da714170438e118e310b6d82d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000012

MD5 900a24b8a18aa0281b659927c976dd49
SHA1 f86a08d5720ad0bec028787e9fcc95dc8f608c16
SHA256 12cfafd6bcf68e786e5f9919cc490e479a2b1c3322ef8577a642535f03eded06
SHA512 472890afb166431729b4d89271eacca3208aea63c4ebefc6299e5df13a1c177fbf0f41c03ce121eb49d7b0480b9aff07b791f76d4cbc1f1c4867b5ad027e25dc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000c

MD5 bdbca6cd39a21b94af5e37a7d95cd7b1
SHA1 3bbd7a9c40294b9f26a7fda297a07cf68f4274a8
SHA256 fa016fd584f843b1373b82746add6f4ecc0bd88711e9e85546dd9270e77cac50
SHA512 930121da974124d737bfd6971014a2127dd1e5c383eeb643d7eabc822c867068c261f7d978a2c86f2237a98053ae3dd26a00624d8f0233ed04b4d2c0f8ead102

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000011

MD5 2a4cc8a0931be53a8de9ce0ddbc4a922
SHA1 f704e685fdbb356dceba6e21a47486ee739fb161
SHA256 5be6e385bf1aabaebe6823592bebc4945b544ebdaf4a66343ec5345abc9fe43a
SHA512 32f05572c5570e0201f318840d3f1532cc5a3789dad5d8003e536be24b5778bf3e4c0c7da7caf60f71e48ad5ceea1dcd950aa78da466f7cfb559389361e8ddab

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000010

MD5 017c91c7dec7d33bd5018e29d076c87b
SHA1 f3db235117db557ec016ff711cd91f078cd5d712
SHA256 f89d185318666883d124ada5181b0f283517d7c579ea5158cfc41ac6af6839b8
SHA512 a12b0996270168da382531d6ad09b0c4c70fe492127ebb569d1a6d2f683a822ea1cf57a77aa08535f9fa7a2940e80211932abe9bf079677efcdfd7b072ac1c8d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000014

MD5 53e57abcf388cfed8c16c830408656a7
SHA1 05c02e523d25a6ab2bab101ed519c5736127154a
SHA256 d1c5e4a549c7c93ad1c9ce1c7a170665f6eaaf258d2375d8714db0f0990bbef8
SHA512 060f2048ad2556d4e443e7ae277d51d3c0b848998a0dd15631f1e00c3f80817faca705a3cf033f9e6bc67400b41d3cc2df1d932d95934f392749dc925bd45058

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000015

MD5 32ed3a28e684abc027d4dd2ea50309df
SHA1 51c5daecd690d9d02d7f1eec8b8b7bfb9910429e
SHA256 90c2228f536563d853b9aa25a86641eed8233af0f5ff0983604b63ba6a04245e
SHA512 7cfc78d3f25da587b4a2f7601cd08b7630b8e438023ef532bb57c2b44714a23aedd48924b63fa866e511bfb3616e0c390fbfe3c50f939ebc8ac7faa37f1834ec

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000016

MD5 20fea429440ac75344a157882b5501d8
SHA1 bf426edd991c7731d5d13629e5167e0fc702f6af
SHA256 8c97bbf4a3d2707c696ce1975438378e0a7551944f07493e1811f1a64ae6ee3e
SHA512 ed19c3cc621cfe25bb6bb38d6bafff5503f5fd8fb6873a20e65198c63845c32e27efc2600e091d95810690cfe8d29c5530d1f408cbcd2c3b88eb236dbcda63b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a19c374ea58dfcff_0

MD5 12ce440dec011e956071ea3ef52729fc
SHA1 241a45c468bff31f948cf18b8b65a430ebb08f69
SHA256 479d0479b45acba571ae07ec57fd75c0ed2384ebe4f790b25f4a7a32e896cd62
SHA512 2ffc0cc801db0f2b9aea1bc46d18a594969798f4649eb2417e04106fb79d3b82451aac82349001cce0e805bf6e258929abfc156484aab8ded9e1abf10a7d0961

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\06581e89074da2a1_0

MD5 3564d775d2e5816310c05d394a498c94
SHA1 9174955395bf3d0c3f3dea12a5ef11091aee3f70
SHA256 d6d3c2162e857ef01ee3253242eaa3d1bc2a5f802a434a176331c23ebb93a2f5
SHA512 61ced4a2e1a9198e7684284c3af1f17e565ae37621e1336f48da4046c91c22b578acb95381c5208988ecc74e43865cc37a4d865495f53d1d5821e73e735e2701

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d8624ac3cadb9a18_0

MD5 6e38aaea1543cad503a2b3895f2f4a5c
SHA1 07ed42c13d229739823162f2f99abb26fcd06404
SHA256 aa5321799c3d67630a938f3fd2be68d80fdd2bca129ced75da367196a80f6b04
SHA512 7a1f2151aa8b47ffbecc820b8bb0c6fb1c775ac00317b6f07bc2b28f8588240203a88020aec1d2b727ad06465e594bff3334a2c335b4cfa36269f0edf5f7e58f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\32407c0141bfdbca_0

MD5 f5b84d92e2b4c7e5bf5a77f332416a68
SHA1 7c0acfefdac12d6c20e6105cb617e32d599995eb
SHA256 2a71c0d462bba2a36aeaded766532ac54bf48b881c8112a586aae33310025e72
SHA512 869919e114e8a8c50a31dea132b2878d48bbde446e611db4d87cea459854bd1dcd194a5e73925c8026ea14c35c6853d1cd82f085a77b67c2d4076ab10b56030e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\c204126c8abe2d1d_0

MD5 d40ebd4d311c5eb11ee6444cf3658c94
SHA1 6d8e8ed0cf42ce00f6e7ca066e6ae2a03222535f
SHA256 74744ccab25860d274be37bd73a14abb44f70d0488e5a9ba7f9a22024b6e9128
SHA512 4c5769f4d5df5d631fa52a8a6519a4d4dc6ff8b4a7749d474f2ed57b8ab4968a12984903846c44d75f891ad98f2499886e8b1ef61f4bc54bd39162beb68adae4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8fc4ca6eebcaad0b_0

MD5 d0d51cf9f40d2eeb273264136ac46a68
SHA1 f4088efb7f9527e58feb59012a4337b5d59bfb29
SHA256 f7608f04e2c8a2ec7c0cb39b2cbeb2f1e51a467b18f79829bcf64ea833fc12f1
SHA512 71949c52fa36911b50730fe46a1c39120edb524a925c724a151f4093d533da10befa9dce30b0ef29df8dcbe61178c1381e44c4dd9b240126137f7e3195502dcd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\60c7059ea009d22e_0

MD5 028b78dc0201770c4cdc5102ffcf55d2
SHA1 fe2c2c90d6171e39b31dac369d42a9af388db455
SHA256 c24d8701791bff39fb910b7ca309067d1be9052666001b826195fc3a32431daf
SHA512 e1234153ddf3b6090e03a38e565321ce43d7c0ce8006997975abcfac12eee2301c7380c3ac90cd495aa045f4e9403bb86b21179c1005f4a41bb7294e73c2838e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000023

MD5 f85a52738e1eecbbd780234b719227d8
SHA1 fcf516cf198dabbe8297ff497a7c56cb436aa950
SHA256 fd104379d8348961292f3730ea6a8663f5aa69e40294f399613d5b6370a9bccf
SHA512 b5b80abe111c8326cc336bd08b3354f7616a9fd0416009da64e608c86e94a9c38ddd92ae94c7e2f00df5c6485a43a302daa51672f671504c792dc6ff0e9276af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00001e

MD5 c03ff64e7985603de96e7f84ec7dd438
SHA1 dfc067c6cb07b81281561fdfe995aca09c18d0e9
SHA256 0db8e9f0a185bd5dd2ec4259db0a0e89363afa953069f5238a0537671de6f526
SHA512 bb0fd94c5a8944a99f792f336bb8a840f23f6f0f1cb9661b156511a9984f0bb6c96baf05b7c1cf0efb83f43a224ecea52740432e3cfc85e0799428765eefb692

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000032

MD5 54f20de8a9081fccaa118be5bf3aa347
SHA1 9a6f5952bca06500c4df3f5a26a54955e55ccc14
SHA256 b47847a633f51ffc2135e83796b686532acbb5876025eac6d20a083502315834
SHA512 488522b5d5dc119f11e33f295fc3a2537cfe8360287ba619eae02d70629d6bacf7ea9f8e85a05a1b9d84a0688922e97c7d754c42d5428363253765fee35f6d63

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000001

MD5 96ac7a43df1667c2b0f871284c93acaa
SHA1 169c875ee2de5159043bf107e6b3aa4cc1234dd2
SHA256 9bb5bc611ebe4a6f4fc3685361cfa9f692afd7d093928e4603288e142748bed6
SHA512 fd8d7825821d4c65423aadf03f643a6e72b7811edc19bcd80cc3a6bcf43d31deb1ab9c75a8dfb3ac13f2323266b290480960d826faba53fe29c46930a3cba029

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

MD5 bd17d16b6e95e4eb8911300c70d546f7
SHA1 847036a00e4e390b67f5c22bf7b531179be344d7
SHA256 9f9613a0569536593e3e2f944d220ce9c0f3b5cab393b2785a12d2354227c352
SHA512 f9647d2d7452ce30cf100aeb753e32203a18a1aaef7b45a4bc558397b2a38f63bfcfe174e26300317b7df176155ae4ebaee6bdf0d4289061860eff68236fe1bb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00000b

MD5 23d5f558755a9d58eef69b2bfc9a5d99
SHA1 fa43092cb330dff8dc6c572cb8703b92286219f6
SHA256 6e5bec69b1c6424972a7f5481ac57049811f0f196535b707613126c11292c5cf
SHA512 9c56c94d059a27dab9f69c9dfd718382a8eb192b8c0ce91cd6db6ec0769b8756acf9c0956a35561474b87d6278b13fbe88a6e4df6260c278b1ae06e9be55dd6d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000017

MD5 64e6bdc0afb923ed3ea83779982c5152
SHA1 54b97bc2d87d0cdb9c2937d97b18825f362dd672
SHA256 13a490e1ba898dda6955b68f403a3b10e2409f21f74959a1552e1e334b677c2c
SHA512 980732b5370906ed490ae2b651df53994983449bad22b8a2dc191b4e50c0e08449d8c15881f174214755593fc3f971879d667d21e73a4e6f2a586dde0c5eb30b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000018

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 25649e8a3bee9a1b449f4f4f11d7734d
SHA1 7d07d2945836f327013cc50734d885309e3fc690
SHA256 2349d339625a38fbd3c2966aa04071e00da1c539865350cf21a3ac6fd45fff40
SHA512 36306eb5bc7c29887fb5ab17d8aedca56290da4899fabefc060fc36be6982c3e48591e051cee96c9c1e5d0d7d7dfb27db414e888b919b786e8e9aa53331cac03

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000027

MD5 cefd169b5f9575f5e6c0fa929804ed5d
SHA1 78c73da73c57085dbf5f7058adcfc88a4abc49a3
SHA256 900ee91c84c346dbcd2d53233670c6a684659351404a8a74373de851ed98af33
SHA512 1efe6e336258cb46aa2e322ce61e2b2a97dbf4e8e20a88df5f224ce6117c0d51b2ffff3e9c664973ef3f61bfb7c0eb695ff131e6b303a1662dce28f581a209ef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002b

MD5 f26257dd0e4192d418d6cc6c3ba86c3c
SHA1 4580f3b36f00ba61d5f0705858e9c2e2ac355748
SHA256 0b4c12bf735c281be7f995f5f4329b0b9ad5683944776cd9e3dea7408081cb2e
SHA512 00b23706e457dfa7f120b528326b0b746e1a666ce20f803232d1ab6bc01afba68776d976526a3d5b5cc2ef1caeba4deadb0e0e4b4658e46b4bc32fe86000fce0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000028

MD5 6331a54034390965b4fb4464e98944e6
SHA1 c5764ccac9018b20db6b62daf6bfbf3513243842
SHA256 eb796f24d591b72fe145229405ac8d46efa1491c1d3f76da5796e52cd3fbf56a
SHA512 87f2c42148e520ad63b4e980e78ced1c3705db4e75e9f03932f4a3e9eca2163147f322f452cddb1cab027fd5569e0b2ee58dc0970e168cb1e7b42bc282e3a31d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000029

MD5 6c087210ef25ffe21c236d09e5d38bce
SHA1 9eedcec95a79c4a35e1e8731bc3be8f1536260e6
SHA256 b7df4f8c89a3fa62f14cb13f174ae1e6a1a882b98acf428ef5d4cb354df95503
SHA512 dab6d65c30c2589bf33191dbde68f7c70491d69c506303dddf72d32cc260e25f8961353ed921b19bf9b5bc6cc2b937f0853fa186431a899ef377f88d9a9ecd0a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00002a

MD5 238b314e691c9973b50797529dea7c94
SHA1 10c53b52eb20fab14dd6726a573664947309d58e
SHA256 edcfd35079ed92c57bab981730b910fd7d5d9fb5caccfeec09e13eb490526971
SHA512 8456b8a86f0520ff43ca1f13c1ef0bcad302c6dd4750685c4396668c578d658adff639ee79a15699dac5121d1aea656eaaeec09fd18d9367fa2755e49d706937

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 5e9679119b25196cb200677851ca6d27
SHA1 1884809eecc7b21af0ab55b3d9c56b932a3e6385
SHA256 923c804b073242af73ff339ccac8663f9a9b985832045683f7cf81243621da7c
SHA512 674ae0c37724464d2ec8193c5cd056e9e3cd2871d5c91204bd8164ad560c378a173915f329c4bf1564fa7d01668ca333bfad209779e4b272abe6a9d854ee55b1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000022

MD5 85f9dc7edef4f310dde46c383bc27cf2
SHA1 a68d77ce694c56e08e70c2bcc7f74c7c8fbf8e89
SHA256 eb2f8fdfe47c43875d6a9ecb49b8d9850f05cfb65efcfde2a06f8f75d78f0c60
SHA512 a35ce740c3cb691693501eadc5258632ce1e7993c3a6782ba148da0468347c69950903246208f44fdb06b9cf03e73a1c4aca4a324816aa717d1af693c11bb7d0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000026

MD5 9ab049e4fa2e057058b33715b6caeae5
SHA1 16958cdc71f415bdec24f1359e40f66c4960c767
SHA256 d147489e927ae1eacc5ab01c03e52653593dbc4bf7112c040ce26c370cb6b2d8
SHA512 efedf364b2601eb5e7369f5e2a2b359ac83908a1cd07bbc10e52b76bfccd3339bfa6f4cd5c9f55bf934f477a12da878f3de07971109fbaef341592ef6a62ae70

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000035

MD5 8eff0b8045fd1959e117f85654ae7770
SHA1 227fee13ceb7c410b5c0bb8000258b6643cb6255
SHA256 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
SHA512 2e4fb65caab06f02e341e9ba4fb217d682338881daba3518a0df8df724e0496e1af613db8e2f65b42b9e82703ba58916b5f5abb68c807c78a88577030a6c2058

C:\Users\Admin\Downloads\Unconfirmed 898154.crdownload

MD5 bcc91d797e2047d48bd27027b5854c6a
SHA1 f4aa2a6c643eae20e8ef11337d897e7bb0355622
SHA256 f21587071abcee7153f020ab6d3e49b4584a4d51c6b464ae5b9c11222457a4c9
SHA512 4b9f97a94a18ed3b789117ec7f37ec5bebdb152118837259acc503bf7ff735026e169ae57b7702a7c31ebe9c37609ada78486b6f189f9f0c8fda8943cb51dd44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 d2344ed1639cf6afa86099e8743815e1
SHA1 56ed8ac4ac887e9f2775ec23a0c07231afdc2e53
SHA256 9525242e36518db5dbb2112bf15a938ceb97ffc68083d51bb9f65015e27d1f22
SHA512 f03400a7d4a43f31004b8e751e9096db9905fdcc260e90dbdd1a6d63e1af828def946a177ef4776da03a15b437ebc780ceaf9b8deb4e166d40c44ea29fa70550

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 27603f41418025a0d2dd37478fa8b1ad
SHA1 20c0a9e52baab58d12da111897bb1b5c0ca47f5d
SHA256 fc45d78e793ac2c60965ff097aecd26125457617f1776eb28bae95e59823f631
SHA512 2e56b590a113711d5f54e8ec80dba988faa032819bd1648f01ac85b916abcfe9351d626f55c42cc581879764ca2c624b072c712efee432e50beabf89517eeeb5

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 418828fb94fb979a1369698f83281732
SHA1 6c4244244b3833feb72613e8ba9f05a8d45a56d8
SHA256 4a9014aea9065fffa01b67de2a171ae4dffec7da489573cb9f64d42f5c3c68ec
SHA512 db3391d9345e9b4c70d5934369b2acb5e33e7545c77a406ff8f0b949eca220ee0f1107b8835e270f38851d95d89400ff9548dc2001a24d1fe7ad321f13e3adff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f5d32f9e1a2ab2501064e25e9ff92b61
SHA1 107acadc1b7270d6c7ce935495db04010965af6b
SHA256 8d470d5bf3397ee7d739b2c07be2fa7cac5bf36aaf29ca12a80d10d0a81fa887
SHA512 7bfa4c329ea715bce87f7b45e76fdfa4f7d13e9d62b550f11a72eb3cac1d330f49976008557d440aefac8b3f817893a2dc4b41fac95e69d1237994a019e4d8dd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1327330173de41c0db8a4c6bb136d7cf
SHA1 de2c8e64a5f9ede32497bb0913301e27f7c7fd27
SHA256 093f697e50ecf1fc37cacd039d7b612038e1c5dab5e1374cf56c1ef1a8b0126e
SHA512 19890e486753fc45d954d51baf7f65a4707173a96ea870879aa1486fa11157f16115002b49bba3bf923139448e57ac3e921679cdab2b6fab0176b1b19d44c9a8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 28bec247bf1278f8a50653ebc8a40a76
SHA1 8b41ce0e29339f38faaae09db29be9d95ef0552d
SHA256 03b897608e5f758f4913f9ac95c3a9e9e53d4ce1e72d5cc34976d1e03ef14fbc
SHA512 c2eadee5c3ea2869763eb57dfd3a23d315eecd637932956c5550d2dfc1ed890af6aebb402c7866799b58d8747ac929300928cf322e742ae9f49466bf8a7bca6a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0aee3eff010aed74348d4fd24e7d4a10
SHA1 2e4ea8be0f2ac8ce3870fce029d69bd164aa0226
SHA256 8d9e2a74d66ea40b5c4717402417faa2ab417b580f39de49f86b02193e8d7134
SHA512 62efd8d7abf2d5bd2fea233cd34cc4900923e7401116cbad4d1df9fadea8aab09f2b0c95c615d63d93c4c58a05aaabde5eb9f1802a1030a00b4f8ddcfb8e44db

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 905837c87f52a2969afb9cfbd3100558
SHA1 d9c67061702fe5f485e7cc6904eb5e27ce0834cb
SHA256 4ac906a62498461d90c7ee2c6c448a5b36069fa9f200823c028e4aa7e63362f6
SHA512 2604eed7d2bc42f635e49099559c35b42499c57888a5430f035b15b7605c9bb0e57cc47b9d08e29af7b09985979fabfb496a5775bf6921ad2ac8987af0f534d9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 075eeec624d74d969b15810050ce4e3e
SHA1 11c4e95f5c5eda37d82ab69fb9ca1516d351d496
SHA256 babb4c2357a7c3007008ed3c02a1f3f2d567c8c64b4bde0e48cc90e17abc2563
SHA512 dd44c4409bcfabfc81514bff5c22e317bf3ff715f60e05e134832297eb8aa9fd3e27b43a0d2e54bb02b175294f465ac548990084ca614da4d39d5a8de24f3bc0

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 914058c13771f30a13ef95b6f356b46a
SHA1 ccf6034125434d879a5bd5f02b7f9abcd1ba074f
SHA256 e20272639987f91974afdee25c99d4ae5da7b48921b734e4d303031cdb71d178
SHA512 55f15379020651fbc0fc76bb6d67d860d63033f26f4284bdfb535f3daab53026dc17571dc44cde91eee97168122e96fa4f60fbdd0a8cc4ddbe958b2de5620ea7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.techspot.com_0.indexeddb.leveldb\MANIFEST-000001

MD5 3fd11ff447c1ee23538dc4d9724427a3
SHA1 1335e6f71cc4e3cf7025233523b4760f8893e9c9
SHA256 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed
SHA512 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\dcef81c5629f763e_0

MD5 ee4d8676faf933c69b5400133507838a
SHA1 93a9ac401e963e1a0f590711b2a17c7553c40eef
SHA256 214a2f71d6076b49ca41827fac1711a0e4f3aa38b86fcaf24e5dcdacb1d4a1e9
SHA512 673191e80342a8d2474c51b84a0ca2192f5c9fdda0018a7bf7f3998157a71f3c7c413be90720594a0d9b3c7517a7b0950fb445ecbdb247f877e358a48321dc0b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 31e09af561f1b7d1002d91c66f00ffde
SHA1 951cbc89a4395c0bf7edde7506ec55186551324a
SHA256 a9bb45158675728b7bd851a5ab39aa18a1a9a60bf878d3e484a537cda6e7c1ca
SHA512 fa740416a6516b6f41270a81ad6d177258a530fccc473cfa34240ec0a669d7f098d55b66c96001afe44313a072a18e917064691a2d19ffcbe5c047b08787727a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 6d5958d22f273157f97f7bf020502ae0
SHA1 fd4759443d25b099eb3d35ebd26ecb8bca725543
SHA256 b0d85fa36e2d5dc540f65b001e824c4287ab172859cddd077dc3846eca423138
SHA512 dff39427c3ff67bad8ace12b616dc7f801ec8df926e46c34b791fdd094fb2cf5a535095bf2ed6018133f1e151a7932843c81e49e7dfdb87b6c0808531d2611c8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00007b

MD5 1aca735014a6bb648f468ee476680d5b
SHA1 6d28e3ae6e42784769199948211e3aa0806fa62c
SHA256 e563f60814c73c0f4261067bd14c15f2c7f72ed2906670ed4076ebe0d6e9244a
SHA512 808aa9af5a3164f31466af4bac25c8a8c3f19910579cf176033359500c8e26f0a96cdc68ccf8808b65937dc87c121238c1c1b0be296d4306d5d197a1e4c38e86

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000055

MD5 2c182eb71915de05b7561a520eb2cc42
SHA1 027fd61c438b1f14962963b4abefc8e0cb7ff66d
SHA256 32aa7053f4f90b8bca7ea550a04d98e551b61eeb673b937531f583cd414db2cb
SHA512 06d49faef03f74589fcb6883dd95d910e6547822cb5a69a881b9b9a9c09a8b47a1bf9f2331333848c12f1661aa9a196c7fc22359dee17c4033560df57dd12edc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000053

MD5 19e925a25bddae878e0f90d744b223e9
SHA1 9db130c359e06cf32d209928d08fe01477c7a79d
SHA256 0cd5faf1723fd93e08873a5b3cf8cf8e755a1f98058b5967ea2520708ae0dd47
SHA512 61822ae9a5eb122dae24b3f9da067c6590c3b23b0d26903c954468c09e790f026b5945ef27ac6668f08e2e2a5f599891d8dd0e9e63bfa62efafbb08f5b0c653d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000056

MD5 91462ea8232ad90135f575598c6b6d21
SHA1 e98796687a5bc539390354c58d5b0ff2b86b05d9
SHA256 15a94ebdf20f2e4ffe5f0c1d8a14a262ca09f22144867eefae9ac22663a92c8b
SHA512 2767ad7a46771565c1ae3ebee95222b17d6ff9e96e0f05a74495eb47e8ecc11f36aec0ebce0070dd717f913ce782133504fbb5a760c4d0d966ead243e49da74b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000054

MD5 018cb1473dda110f8b77f6251abd27f3
SHA1 3b5fc2c4b9370afa0494a1e07e60d8c5fab48edd
SHA256 2c6e0052660db2813313c756dd63156af830ae2ea196cb667b20f729e4ad975c
SHA512 0b829846550cd0877883d6be2353dea654eb46a89b94b292ff7cdea8e1b338f7587b1c2737dbc384c73932e1d2f9f156a1ee90f544d5125fc75b74dd9bf0c44f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ffaa5b0f515ae50997eec67b9e51b670
SHA1 1caf45ef89cf81245681ecac178f670450acdbd5
SHA256 07965421b6c9fa5910420ff83d412d064a45e7fe5ec85df58bcbeec3db150755
SHA512 b2b6ad86eeb08cfb8cb7707ba2afdb3c52321d7c95542fb0608ad8be941969debb1b4ca120d12c38a32a7b0de0a57fa7226b6a44c748f4f0152bf09ff946cb37

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\2bca27fa-d0b4-42d2-8d48-a74df0216df0.tmp

MD5 6a285e4deed06ca06fdf39e1d97c1982
SHA1 74961cc5eabe5ee2da6384110cb4ae5385d684bd
SHA256 720841225741d5c2ab7894c3ebd55a84fcb4684b462e057caa731a1d05768ce7
SHA512 0dc72a4b601fe05e3d5a9cb2ad0a595832a59c7b8b5b9094cb7a6b37e8fded87c0df0cc6b8a98bbb8896c4d2162fc7ab6085117478a6427294f209ee0bbb45f2

C:\Users\Admin\Downloads\Setup.exe

MD5 932b17973b77f14f888d3facc45e1647
SHA1 bbd117ff3994b1a9b532db1c9e9d306db46cf7b7
SHA256 733247f232b198c6caa5af339860d5ae8676e5363afed5b436ca7f790a8b73a8
SHA512 63e01c8e622c25f87b98433ff0357d78d70c759f465d6f314fd16dd6f53c9f5344454f7133efa1051f5398e99e1f95e7b2c3a13b206ef8f501231b851875eda1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d997a756832bfb5be3a137818d16f72b
SHA1 4d26829b19f32e466c474f236747830ddfc14f8b
SHA256 1c0a985a22bfef1e7ebb6371acec12641f61f584eeb01fde685d174e7d81568b
SHA512 6548166c4c1e9b2673967308fd460e27ab0d703eea5373e70fc79885db5e04d02f1beca4578ee0d2b02b4eb66bd7f09084ce8bfe466fb4e18d5f15fa11e9d809

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0df699c14ef394b415a836864deefdb8
SHA1 9f6e532e46c593e1ea11548c0f20fe7fd5a27e7f
SHA256 fd762ef3aef88af762344579f9a8ce1c37acd728ad489fcff23f3bec8cb8cd66
SHA512 6535bac1fb000a91246527d62435059fca7c434e7288b05e8815d8e941175561631fdbb65926fcf6a0a1c28c72e7e602db9d8cd0a27f8d6ba5770c164d82ed67

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 76e2fb5d84d6e8d81b66e4fba56ba5ae
SHA1 0ad0ba51acc8cf85409468c20deed07d8c43a0e4
SHA256 d3d6968da9afdb74a0a3f82613ddade39ef0033c4459149391324e4b67395c06
SHA512 8fddf24f9ab61fb5e65ac670cb73ce2ba45444955bf76825b142248a5c20ad85013bff0e2c0e2534d7bca36a30a2c390fe6bfe4f084db3e49ab1ea47ca5eff98

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e6d154bab84ed1a47407bfad022e8b58
SHA1 670965cf5111bcd1bb829370721bb7190c96d9fc
SHA256 86ab200c55200f121011d4fa8e9f7f985a5ec5e506be11f376d6f410f8dbfbd8
SHA512 18a5f85ea837e53baca7247e36a71976580f71d51722ec5bd1c1f8ed818b898613c6dde28c70e9d01d488ee51654a69cc0545126ab71860b6ffc6c1b3660d329

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000058

MD5 0c74385e7737386aa46ae9cf3aa09966
SHA1 a5703db8b6ad7256d932cd528a55e9c3d23cc85d
SHA256 7dc1e70e67a65dc2032e0fdf7ef3edb35c5cb1efee4ef548501ea9fd953601c9
SHA512 3f7f85d4b52a285b85928683e3c36ffcc75e6c0ee6d7801f7afb2069eae6ea555378fbfa43e09bb46a192ca6a8d40d06389a453e94de2da7a290885065182caf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000059

MD5 a0ed0861d30a360c21fb3ebea5452e40
SHA1 fbdd628c9ef49eeac572cfa2e04591fdbdd7db14
SHA256 7bee8e616b17956af1c3821a2eb783e51a7382984078ea11688966730670cfa6
SHA512 f74ab544c5eb3fbbd024a04bbdf6a0d2b5e4c8f2ef57f2b289a515f0ecd1280624a80d505e8011dbf745382f5d8ecee7311f6be5df3f43ba2a157374e40be6ab

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005a

MD5 528c5d6480efc0a93bf3b5b5c9c40505
SHA1 300b8c8388c93b514d9605d10a90fa45b044c7a1
SHA256 3f033adcf4534d2deae15197df221b6787ef434d3138e451412dc44dc0d2a83a
SHA512 1badbb7a00ad394af35537943967e33dc0a584c58ae6187871de1c8240062396c8eaf922ad77df8aecf1811bc06a6b1f7613397250d23c29defeda979b7023b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 08aafc15fdcbad2837b49023a7dcb85a
SHA1 fbf00071bb3b3f2ee7fa5e38eb6ebe74a86d695b
SHA256 63f7a4eedcd23a5fd0890c556fabfa06d5e4d8e840eb798dd25007e2334bcaff
SHA512 f3bd29df644a9ad703507d8ec0e525637706c0aac86d575e8f52c1aa57187eae45ceb9db82e4b4c135b76edef47b5fae3c03ad048f3ea5bc65c76b660651e5a3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000061

MD5 dc82fcd7d686f486da313214101a580f
SHA1 4b0d630a472f708b547a10c0923d2113031417ee
SHA256 304359e2ba716c13aee17dabc8a6c6cc147b7b6ff47f52aba725bf219158e395
SHA512 703cd7ec5623a520b7767cf5a46eef8735f8fae54225706769c7b2e2b14098771a9a5cf8ca59ac6a0cce8b38d327e92bcab9487cfe96efdee7df1b4170254cba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000075

MD5 9c6b5ce6b3452e98573e6409c34dd73c
SHA1 de607fadef62e36945a409a838eb8fc36d819b42
SHA256 cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
SHA512 4cfd6cc6e7af1e1c300a363a9be2c973d1797d2cd9b9009d9e1389b418dde76f5f976a6b4c2bf7ad075d784b5459f46420677370d72a0aaacd0bd477b251b8d7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\58b98db13f2cbd0a_0

MD5 93ea42a44467b4545d5e39296ffbeda2
SHA1 a2b027144d335ab489c53acb278a38e03ef62b23
SHA256 28df14c2356be08e448c60f7d602b20cf92bacd4c8791801aa70831a2620842e
SHA512 fddb7faee76831bb9ac64cf7be711e025759b49e8a9fe8ba7308ba3a94668d895a277592cdf4a2c429546a0a50caf2a35276386a0deee6264d3e7d2fa6307a0c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\d08126aeff01bdd1_0

MD5 545c3ec7d5c4008a199679c3824deb67
SHA1 20675401142cb9aaa469908697c9ef864673a7f3
SHA256 575f1a1baa6afdb524ee81e0c5ac990f03399907b210124ce9b551235cbf3a4c
SHA512 9609bbef2e35c5af7438027a1d2a87801d481a9144a9cb4a584009752d1a3258783917e676521658677d7c34844c647267d79e5ab2d36d3ebf4bab63788949f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000062

MD5 5d147ef1bec17ad212272902eb8f935c
SHA1 c170d9685ca4e6e522a1eaf71b45790793afb649
SHA256 9be3845e69cac96163cef2d9a7ac5ca6508ca026b15098babfcfe104ca72faf2
SHA512 85f8f4df295b58b394c457062cf5780cdf40b12ff1c70d7c69594c8ce8e07f4c8769fbfefe6e2886777cd5b7d0ea3cc9d6aa56185ee18ea248aaaab1c3c381fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005f

MD5 f314bf3b0df575c5314a504756dc0c4a
SHA1 fe1092e9d9651a0c19deb709567b7266658969f0
SHA256 725f61305ca5226b479967f42217f68faa8e1cd12c37d7e4af9dd44c7170c9a9
SHA512 e29c8b4bbd0b728418e1a97dffc670219b99c2101edb9554879cd4f8a6140e2fec7a2921b00aeb27adfaeef47af2102ae00ee3fcd41c563a54f0cf0831321a40

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000064

MD5 2fe7b35dcffaa0dc3620061255ddad33
SHA1 2004fe69983e6c3365d62ca070e511fc4b5102e6
SHA256 9465260ee386312cc0c778378e4eead067a6f3053c10b54c386bc14447f45552
SHA512 9468a6dbadbcbd6205cb48dbc1840aaeae8c81eab6577a5b3fe6591864fc56ece53e5cf611b233bc21d141a7e7a6c112457e0fd6d9b40da7667201f168467412

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005e

MD5 c12a025a7763d1dd5d07f1c5f1119ccb
SHA1 1d10e8dd2f8e4809a66acad152753d23e057cc22
SHA256 58610d12569500c2bc815aa61b0eb87ae9ebcdec3b68909cff093729d2e04bb8
SHA512 0a3797e8d8e8a4f9d6c9fbd4fb6b7d6f8c90e98d5d2cb009a63104c87291fd0f12290ba4f9123cd7bec6142c574ad4ab5f410d10a99ecc750b61da3d5b4a8691

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000063

MD5 51636de3ce868a2172f9e6996c2934e0
SHA1 9b5de9f2be0af95b03fc43f0b1bfb9f25f81a900
SHA256 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
SHA512 a01c26be01e93f32da42f1ba642d21f8e1f828f6475cc44b916d739c0679e977fd99a7b57fd3dbd2ca6e27524717362b054886f4131d7d90bbcf7cf442daa9a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000071

MD5 6d08ff4f36771456b447137905151406
SHA1 8eee103d7f57667fcb71afc516d291cc6bca9661
SHA256 d93fb092d54627b08e5374c7215c392ab8cd5502c4f5e8666a5f63ecbf731292
SHA512 14c4aed7452ce89efe8063092f72d16355998bcdad4c09fcc69ebdc579688f88500b4c6d4f04c3f43be0a2972db1c02c8dbc70bf04f01b642f58102beeec6a7e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000066

MD5 1d4815175b5ae11e2f5ae08a59a25fa6
SHA1 6ba34a017d857a1f849915e25e0b4f7e0f895d3c
SHA256 a0629fdaea0f7bede6e84b281f7ea6dee84cdd2e1a5f4b1e30010b2e8a3da7fc
SHA512 a25874f7e66957888e5a2110a0ac4342f4bed2619792ec7f3e452bdf272f9fdfe5767e190c62fcc8e52f36106c8bbc851ae89ff3cfed8c0bd75ee0f313cb261c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000077

MD5 87a1556b696ae2cb1a726bd8c4584a2f
SHA1 1be0f6f39e0cf316f9827f945eeeaef8294cc37b
SHA256 141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
SHA512 ad9ee74772783ecf885c9d828d0d54fd4b65f66ba316ba0a5b241b910f4eced6dfa3ecfa4f2cdbeed4eb0ad9929ebc207f9ca3099348498f7e1acf7192fde98d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000078

MD5 5fe660c3a23b871807b0e1d3ee973d23
SHA1 62a9dd423b30b6ee3ab3dd40d573545d579af10a
SHA256 e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
SHA512 9eb08055befc2b70cc8bba34496f14414ea32f5b97f185d357f100ea7d74bfdc12afd815a53e629d02a53dc7f3e37096df8bbbd36ab44a011c1a4288b42780cd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 6e24504981da7d3970fd2ee37cf9ddd6
SHA1 b5cf45999fc1d25c8b6caca234cc22e01d4597bc
SHA256 e25288d77ae6089b8be8747666cfb6ecc0f4e0b18f8456d82cbb908b26d7b2b0
SHA512 8ddda71a667886ab1de57162964d93a1f5b21860105458da1381b287166dc9d12327c66df211518c5947801d89c6120cd312541e65056c48f06e572e634e8294

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 d9e4fcbe9937e443fb36fd214c4be02b
SHA1 d6920468bbef6de14359e33f0028311c2034939f
SHA256 410b727effe68c7ec52eda4f63cf917f7da5d21cd60ee8b07e334d6abfbeb03c
SHA512 6a6b8977c0930f765aff43b598e80a99c03d3c66ba699851e0a4cd8784d9591e4ca5e820a4c28dbd88354a0082c281f9f6f38c203bee49306572acd4cc524b66

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.techspot.com_0.indexeddb.blob\1\00\2

MD5 b6d572af15f8efd66ec649930e7cb742
SHA1 8dfa426ecfb4021fc16fb1f963aff7ccfeeba5f0
SHA256 20d20f2b21165f387ee0bc78056d8c340b7400ac8b4aa754e01c5cfb5d55b741
SHA512 f91a132cace1464909ac1bd12558d0aa4d298482071c4cdc5ce8fe5d5f30d309e36ffd355838d566d95aaec55ba7a49c6566f61f909d906c51adbffec6b7c9ee

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000065

MD5 d155610d38d34dccd977ac213ab42e1d
SHA1 a343e08abb19f7d4110c64de08aee504cac318d3
SHA256 6ec5dee6a9dfb42ef97cd410c2e3387f53d2eff7d1fcf159f96b5ab129036ab5
SHA512 eb735bd87238215d54613f6065e61d48e1578908117af2a215b88dbdc3c4d155cd2b60e035ff2cde17605445bd89129de07aceb74ce8c16dcd355e4214986c8c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006b

MD5 1f7a3f8976565e1e32b0c6f738aec06c
SHA1 3f26e73d3916e7be1c1ee35b4fe1fabed78f7c26
SHA256 8c170d44f570be5c0d6bfd82e4558024b4c6c5ac07210223f534358704dffd56
SHA512 40cd5bbeb3164908faae579c5f3180b03d9be742509e48df34357ba780b016ab370568055e4c3f751761aaa6c9b86e2ea343e251411c0f9d1502c26a190b7f1b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\135a9e73b7a29232_0

MD5 3949b5e23ecdc71ad36ae975905a4aed
SHA1 73128f4eb5852a80ae24d6714535c33e7cbcaaf4
SHA256 066ea825f86e8a661bd921bb301139c4827c6397f5ea489b43bec6aac058a139
SHA512 bdbd3a1d9be5381752bf7f95a764f9b28b0545324d6f8d52c02bfd51354fbcb3d466c286fa51d83c9ad345d281ef0ab4a6442c236b4fb970bc968cfa754b7d7f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 dc375eee35b498f9e56c993b9ed03b48
SHA1 c88a9ea25d01628bc9163ef7bcc585e8dded9445
SHA256 1526c10e9b707f9054c698048738be26761273157659c5c4967dcb4e71245e2a
SHA512 78997a8254ae0baba898e2fa3267755bca4159b90ae5b17f164bf3f365c7c9c0b7884fe29ab822aa6556268a198d67814d222f8dd91b6430aae474f817da51e1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 25d4184a886f95fba314e783c863415d
SHA1 484232870e07e37031bef04e9e70ed7af3434b45
SHA256 1c9cd19ed8d930cdc589b9926e5e8ffe28e8c4d2484f3bf3c248222b1f29797e
SHA512 2f4c1198020d1ba8cadb795afcacb1901597e1c5414b5f87b775bb558f2148b0fb3514456cedd93f038c0f212d23d1fdd41f546c29d6bc375e8301e0837e9402

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3881e54cac96fd8dba1da3638ceb406f
SHA1 8e4558da25403fb3dd695f5997f6dbc7e1e8a212
SHA256 5c12af61b099b3b2cedacee0217acc388f8fe41fd4ff8e4728e70107b5bc8351
SHA512 87635048b7fb4439343b33dbe9db7f7102b06f91e12576abceb9d95ec4efc115a105c6b9cf400c0b0a3db4f577c189fc971e2f220e942ab2aa6ea562e9c5c795

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004b

MD5 76a3f1e9a452564e0f8dce6c0ee111e8
SHA1 11c3d925cbc1a52d53584fd8606f8f713aa59114
SHA256 381396157ed5e8021dd8e660142b35eb71a63aecd33062a1103ce9c709c7632c
SHA512 a1156a907649d6f2c3f7256405d9d5c62a626b8d4cd717fa2f29d2fbe91092a2b3fdd0716f8f31e59708fe12274bc2dea6c9ae6a413ea290e70ddf921fe7f274

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004c

MD5 710d7637cc7e21b62fd3efe6aba1fd27
SHA1 8645d6b137064c7b38e10c736724e17787db6cf3
SHA256 c0997474b99524325dfedb5c020436e7ea9f9c9a1a759ed6daf7bdd4890bdc2b
SHA512 19aa77bed3c441228789cf8f931ca6194cc8d4bc7bb85d892faf5eaeda67d22c8c3b066f8ceda8169177da95a1fe111bd3436ceeaf4c784bd2bf96617f4d0c44

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000049

MD5 c3c0eb5e044497577bec91b5970f6d30
SHA1 d833f81cf21f68d43ba64a6c28892945adc317a6
SHA256 eb48be34490ec9c4f9402b882166cd82cd317b51b2a49aae75cdf9ee035035eb
SHA512 83d3545a4ed9eed2d25f98c4c9f100ae0ac5e4bc8828dccadee38553b7633bb63222132df8ec09d32eb37d960accb76e7aab5719fc08cc0a4ef07b053f30cf38

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004a

MD5 fb2f02c107cee2b4f2286d528d23b94e
SHA1 d76d6b684b7cfbe340e61734a7c197cc672b1af3
SHA256 925dd883d5a2eb44cf1f75e8d71346b98f14c4412a0ea0c350672384a0e83e7a
SHA512 be51d371b79f4cc1f860706207d5978d18660bf1dc0ca6706d43ca0375843ec924aa4a8ed44867661a77e3ec85e278c559ab6f6946cba4f43daf3854b838bb82

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a896cc14-e647-418a-bbdf-f982ae214189.tmp

MD5 2315babac929f3b576ba71b1e358b25b
SHA1 8db8e235dfc370d9afcf2cfca48c00815f34044f
SHA256 4278f19926890e18e79531c68d239e275644072a19fda59d8d923f6eb1a848ed
SHA512 6e32e5b6c0eadb042f4dfbb12d8c96289cba708b99e8f9fee0874972d78a9a74a6cb27785e1e056f5404b92d5ef24fc312b2f29cb916b29d34a561087a73b64f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000048

MD5 44a0efdb62c8716a215a27af435fd27a
SHA1 d293b55224f753fe1eb368a8b7599d78709c3b87
SHA256 4e7f7517db2a941ef752966fefc24801b7c8a94d71bb5cc9c64dc8fb697dc0b6
SHA512 c039c14abf279adfe16d0c3621dc27a4713c447a5cced596fd8147bcbe5c5e60c444f30102797628954fb7cdff8de13448c190a95f5dd29713f409e7cea3fac6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00004d

MD5 7153c0e56f2bd0b9d61cbe3c697e3bf1
SHA1 59c1a4ba00584dd66c94113e7d38b8fec194da14
SHA256 ecf4f22780a8de18840ba98100130e64734d0406893841ac7361a3d73903a2ae
SHA512 33a20aa2217b42b59bda70bde70681fb75c0e615c651a799849b71afa276114e77e15087f97b2db231e2dc66cd842f367355fb268f74714de51ff15d2112a37d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\57a68b7534ac6b24_0

MD5 d84242502ac2f4710467b37fe3d26242
SHA1 2b7e7a5411e6f8b93718f222aa8a202fe6085b9e
SHA256 51f57a9ce4dc42bbffe017bf6f53875b7beee1ab08a976079d6c97e9c5ed2cf0
SHA512 ec5817d15a3a60e668f434314c6c0046801a6305acc7d5aa74abaf4b8b16ad31a8a755e895823f8ca4824b13ded94b5e44c4e84ddbf953917df63f2da3f464a6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\b0030f7bec0e0a52_0

MD5 569481689de15e41268f5256cff58ec2
SHA1 192ebf7e3e2d619124f37d8cf7b719bb2072a704
SHA256 1cda3470b29683f04c7cbf6d4bf052efcc34cca458da3d1dd16e69c04f005ee1
SHA512 a1ce29b64ceafcfbb134fccc3d7fac8213e0e7aa99b5ebada015bd62f1a43adcebb819cad4a5b4113929f28eb3a0886a27e1e77dd58f71815b262415d6f02cb9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0dd3a7ad468bc521_0

MD5 455982a1d1e73eecaa9468c3597a15ec
SHA1 cca5258eff4f5fbb6f77c5f7bc1bea733d9c5a5e
SHA256 3fcbb080d9d121bf1f6ede8a87ae3806fde074939b0bd992c5b12341b0a60bd3
SHA512 219c28528ebf0b2310edb19f0d918fa469bcafd8aeae5ea202bef314ad46e3e5ed850349e92433da9c7add6a9f48efa33c4aa03bbd021476700d4fc395110ef6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\98799f4f20d3323f_0

MD5 a82a8dcab258d8965f3d290d01131711
SHA1 db17e696093e6da1ea11169f5f9e4e991e9ec851
SHA256 a3fd16be08bdbf2d479489daadffba29c851176842ef6be1aff1c12f2324fe84
SHA512 ac8dc330a7da351dd247ec4ed4edb19014c113180e25b642e45d85a685c6002e53265a70a19336a42be77f72b00b45de451c6a496e1fbece709fa39318d0635f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\e9af9337089e4081_0

MD5 dac3d31505c8788faf7ca824d85af8d1
SHA1 cda4ea5b8109b075b476f2abac7ffc760c61ec6e
SHA256 9806bc755115fe9c69f1d4e46b529aa2b07c12ac8eac20e489419aedc7b75cf3
SHA512 bf731b036ab2caff3c1e73d121114499038920306a76cadfe833cf518e4cb5ed05f89ac44ad91207eb371e46f2c0cfdb735e3666a0b7746df30dbe488b2b827e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 0f8bb4c27e956b6f091bc73d9173beb1
SHA1 f7e5be149c1239391cbf0dd17c3b0b3eaf7df155
SHA256 97d3f2f6bd54997fb6b50dbb7366b0e6eaa51606a36297b305a2fc7b1ed50b42
SHA512 b1168f55573f7e3a1cefa581e977771677ff1417e8c1211aa32b0311a3ce76cddf79ecb6b091a347cae82a437e4aa1df68652f36870145c9689ec28390a75f6f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\a493240d6f689ea7_0

MD5 d2b17fcfef1ad3b17a0f9225490ca8a2
SHA1 10229de8a12d265be574912cd3cb41de4177f483
SHA256 b1b75b6d5fefedd8652cc723d4db71fe9659e95ef3b7ccfcdf7d7596a23a3222
SHA512 aa8e8327ae4bf0a0e65ea4bfe32e24edbc4a1b96690c7c25c215fdad7d2b7fab7c534af02ada571bd9e513f5e5ecc76f5dd864499a59ae176dc4d5a4ccb795ba

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\f74e0c5b064bca24_0

MD5 aec981ce6e97fd16424c3ef13d42ba77
SHA1 d179586f5799e18469d6b1f0b114024c4c288448
SHA256 da7837f1671ee4f0822e51e987c3aed59b20fb9eadfe235f7a0098328237a8c2
SHA512 5b14e71707d1252e3aeed243e3c1803b6c6b4d7d0198b501effe07164c2c35eb52824a21ebe427295ed8874a7f4f480f2d212eacc24a8bb30d6eca0c4ba14fe8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\7a0e4df1e6bda228_0

MD5 0431271ed60e6bc4f85e3c520475d2dc
SHA1 68d966c09f2e2931ef31924345404a1520d290c5
SHA256 9c65363d2fa2494b7cfa1d46fd319fb2880aad9e00c9b77cfe574894069eb8bc
SHA512 061752008df7381c82308d663bc4d1c9d35aee96c7aefe24000be1eb5bc14135561cf1294c88c8f2249bca370336ac3414d80a8bbc2ea657cddf132a8ce31dd1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\412f73756540e146_0

MD5 00a687b437d35347e0c2c416581639a7
SHA1 d265ad468e3b1f7fa718f7e094b0eaa0956202cf
SHA256 e910048f862d2585f90aa7a26226d9f5347a7a2cd5d6452ae382c51f44d6cc95
SHA512 1664d712986ff42a702726dd884026402e934ceb3c16a7319398ed1f710b00ceb3f96e4f39d5d561fc4a4d086f899125a242278b4ddfa18186e3e8509b564b84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\58dabd42ec849c44_0

MD5 14dfdf58103224ba7af8495370c532f9
SHA1 aae7e4423b620d0c887f31735ac599278b3bdf1a
SHA256 d6c195b5892d5a2b1daea1004de28c753e67d234f2bb11225c5653cdeb9fe2a8
SHA512 8ce0bff2c516d0481e194db20a01b76209fbc53e162dc8c34c823977e148e07ab08c944ea3d11df95165a881160405602a2abe334cf55efa3de57c48af7f550f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\8bcec76e44fb3466_0

MD5 046dda05ca94015b9673323b4a0df40a
SHA1 349b43ddeb4ceb147f16a18ea7b9c09bea65d7b1
SHA256 91604ac2292bb4bd17154fd3227d98473313ffa9ace8e3db73285b01f09fe055
SHA512 c28801d4d7bfcd77cf246ae5285cb67cdc70622b49a4d3de1ed5eb7b4d6b24640cfb5dd2f062185c6a02cb6cc5d53fdd6f3a52524715d951383aa970ed23ef82

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\0ef160c784372fdf_0

MD5 bf8373a7babdaf6d50362a2f4e18aa4e
SHA1 f6c2e1bfa11f60e08d879d081e91a0d55f45bbeb
SHA256 8e1f3f4a097fef80fb5649e8bb4f6a61fe14cae6cb0fa830e86fcf54714fbea5
SHA512 3a7150b2a92c7d889fd7956a10018f99afacfc06ffcee8820b73faaa08080c45205daaeabe79ff9643f8eba469c64cc5de0d755489c7340283e026f7c9424139

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\027d34b85f81cc26_0

MD5 7341f36a0c170d639c0df085a2f9af07
SHA1 9d12800edd7a68fc58269d398f6572739d352b72
SHA256 b974e7a9d570f772d4e9ef680d14bc91d885a05d6201559a9d1a90e9fb032c6c
SHA512 77bba94c3d1561bf772c0a2cd62411bc3ec971042cc2682f49516a51f6d9e90ee64fe38e0ddacd10733b2739407beaebdb9094ffefde7f6643dcf1a94d70eecb

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 3088ba4bcb39e9a266515cc330064c4f
SHA1 bf030c62af1b44f054cc74e98dfb42bec3f6b3ae
SHA256 caa79ffb64e42a64ab81e0f8b42481e981cc0d29c57cba8f12d82f67132def04
SHA512 c66be0e506588013fd0cbc216c6cb9b8c3b2af44b7b6c0fd19f2d7d65d6a6a11bde189da259527b18ef1a5070ff283b5c520ee23dfa92e644e989be24801d4b6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 b7553c882eb74a9d42e5fa40d64acf05
SHA1 e4d7c621564982b8d8020bc6ecc8f99c42c4ade4
SHA256 053a94bcae07c589d8554692bea7acaf9faee830e8e2400eee0d2df65c205bef
SHA512 984af38b135bd82789b229386af2e9fd333161af2a2e380df4b9e7e37ab234da14568c081fa239d5cd4b974f0f45be7209f3aa0337564678e3bafcf8803e4c08

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 bdf4bc3c0c3e30fed9135d0f4a9d2d08
SHA1 1c5575b77af8d6cc70de176c15175d8dcc3710cb
SHA256 b0af24318c7f858f15ae2f981a2526720dc6adc918e7138180c985d200690c49
SHA512 9be6f6082904efcbd73737895ba83b2c5cd5da4480ad8e481c2fc4e3cd67e893bb3539edf719c91429dcf84ef335b4d6f55af5e400b75f96f2d0acd97ef7b997

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 612491537c58cfde3837fb0f401987bc
SHA1 5c8386829f86d2feba38f9901cb9f54a3a31a5e0
SHA256 9ddbfd84ef8c80236a2cbf84bcfcebe7da82db06ae0f9f82938ad432a395ef96
SHA512 d1d88d2f7301213c51813605175d6b6c1fac86c8dde5a43cf904fb51d3380690590dab76ddf504e217510b445b70b9e6c4eedc2bd14c447456c3889afe52064e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 70239fdc8c26560c8cde056e833495ac
SHA1 6afb32c83a4196219b5408837990c1933f249718
SHA256 d3993fb6358a053aaff723423089863fbdc6e1b5a20b759a3ce4f594a02d90ad
SHA512 8c2967af041239acc667518f093f2fb91adf82fae1d320100d547126581858c4b5f12fded035a096b1b8852aead5138eacb8ee705143b73eb38d47f1ce438725

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c45923cd4ad15ec7a24889537b9f6f0b
SHA1 70f0d653c7a184d6c867b4d92b70af2b3286f44d
SHA256 e9c07c68a13b90b9ff5f676b62c677b62a82e44b7cf96d49de720b77fd84ef8e
SHA512 3ad1c84f782681ae0e8bab30131189e5cfc5f5ae99c6d770a7bca43d884f51101ac1636273fb8b8c7d15f33b6ead3611cc8d3ea3e5225aa48d022431171fbff3

memory/4200-3236-0x0000000000800000-0x0000000000976000-memory.dmp

memory/4200-3415-0x0000000013650000-0x0000000013658000-memory.dmp

memory/4200-3417-0x00000000136B0000-0x00000000136BE000-memory.dmp

memory/4200-3416-0x00000000136D0000-0x0000000013708000-memory.dmp

memory/5272-3458-0x0000000004AB0000-0x0000000004AD0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 89118e133e40d0a1ae9d7a5356d94cc3
SHA1 bb377f1d3b02e49d8327032ec0fdbc658b260195
SHA256 0737c4883a049ae72e7ecda0e9732e056355e9047e1e370c8f03d9e7c3a57aab
SHA512 a2dad2c81b631c1cb780e6ea23feb0561f4c19030d448a5dc4b57d7f689193022abee50165a35833d79f3f2615bf0139b5470e96c8dc2ab28de0c1ca03e260e3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 ba936d0bda52a79be7ece81aca8bb859
SHA1 8f1364f105124f1e46312fc18af629b889338ac0
SHA256 d83a0885a97b7e982c6d162b87ff545a7f2663db449902cf8ebf606daf444715
SHA512 c3bcad4594ad9be805c5ab89a1289f9da45742bddb25797d481c9b9d659bf7f592ae8c5145b5039c415b808bbd7d7fdf9cb09a01f255442ec03609546442501b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 dfe45415b9c34405bd13b8941151baed
SHA1 4bf0637e9b52478914a8bf82b91e85592c4ffc3a
SHA256 e00048679def14afa743a4ed34de7ba3870e2cd12a96f9410328fbc85cb5bea1
SHA512 7bcb8461ab98779920e64431255573aaad73bdbe3c077da2a59ba605350b37411573d9e9a01198269583201fa4f7cb3d617ed02bd9b4cc7470d31acd8e805b58

C:\Users\Admin\AppData\Local\Discord\app.ico

MD5 084f9bc0136f779f82bea88b5c38a358
SHA1 64f210b7888e5474c3aabcb602d895d58929b451
SHA256 dfcea1bea8a924252d507d0316d8cf38efc61cf1314e47dca3eb723f47d5fe43
SHA512 65bccb3e1d4849b61c68716831578300b20dcaf1cbc155512edbc6d73dccbaf6e5495d4f95d089ee496f8e080057b7097a628cc104fa8eaad8da866891d9e3eb

C:\Users\Admin\AppData\Roaming\discord\DawnGraphiteCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Roaming\discord\DawnGraphiteCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

memory/520-3652-0x00007FFE5CE60000-0x00007FFE5CE61000-memory.dmp

C:\Users\Admin\AppData\Roaming\discord\component_crx_cache\neifaoindggfcjicffkgpmnlppeffabd_1.c900ba9a2d8318263fd43782ee6fd5fb50bad78bf0eb2c972b5922c458af45ed

MD5 f265d47475ffd3884329d92deefae504
SHA1 98c74386481f171b09cb9490281688392eefbfdd
SHA256 c900ba9a2d8318263fd43782ee6fd5fb50bad78bf0eb2c972b5922c458af45ed
SHA512 4fd27594c459fb1cd94a857be10f7d1d6216dbf202cd43e8a3fa395a268c72fc5f5c456c9cb314f2220d766af741db469c8bb106acbed419149a44a3b87619f1

memory/520-3651-0x00007FFE5C610000-0x00007FFE5C611000-memory.dmp

C:\Users\Admin\AppData\Roaming\discord\component_crx_cache\oimompecagnajdejgnnjijobebaeigek_1.567f5df81ea0c9bdcfb7221f0ea091893150f8c16e3012e4f0314ba3d43f1632

MD5 3db950b4014a955d2142621aaeecd826
SHA1 c2b728b05bc34b43d82379ac4ce6bdae77d27c51
SHA256 567f5df81ea0c9bdcfb7221f0ea091893150f8c16e3012e4f0314ba3d43f1632
SHA512 03105dcf804e4713b6ed7c281ad0343ac6d6eb2aed57a897c6a09515a8c7f3e06b344563e224365dc9159cfd8ed3ef665d6aec18cc07aaad66eed0dc4957dde3

C:\Users\Admin\AppData\Roaming\discord\GPUCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Roaming\discord\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Roaming\discord\Local State

MD5 e457fefdbebc37d8a56ea613edc6b3a1
SHA1 05726db17d6fa6548319f41c35b7f7c33230c40f
SHA256 7ca7aeae8daac8af6c4d14bcc4e237d482bb573fa4ba013e1c04de19304a7dcb
SHA512 8c13add48539fcfbf388dfddc1665273e9a1658c630ef971847d032bbe381e7c61032d028e69b4d3570fa7a126a49dbc3138889a8179bf60274bf9f4e7fa0503

C:\Users\Admin\AppData\Roaming\discord\7cd92088-4c49-4e9e-9505-763c39fc0fa6.tmp

MD5 58127c59cb9e1da127904c341d15372b
SHA1 62445484661d8036ce9788baeaba31d204e9a5fc
SHA256 be4b8924ab38e8acf350e6e3b9f1f63a1a94952d8002759acd6946c4d5d0b5de
SHA512 8d1815b277a93ad590ff79b6f52c576cf920c38c4353c24193f707d66884c942f39ff3989530055d2fade540ade243b41b6eb03cd0cc361c3b5d514cca28b50a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8c578bd2014b1c41929a942fb621fee8
SHA1 601e3377258bf7240061feccaf8b81fe43aba2b2
SHA256 1be17a4b73b30d1d7f688a2163b2f60f4dce6754599cc17bde149715e384fb37
SHA512 4c56fa452cff060c927d4756072cc7c8c7d292f538ddc20fd67a33af1680f09ca77181872f93be35783e35067e8d922bbe541b0f5a94d53a300b432e085fdf91

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 383b3fa190f18d357bd402bdce95d1ae
SHA1 d75bf04b9c409761acc1852ee9c76b5c5072f7d8
SHA256 7805d63915b59eea0bebf919208fc62214c42542f7506e17c40fa7e3eb17a22d
SHA512 0ebde77b0f6540bc931d5acebb81c2003fd8b0ed1f59f35676779a1eb73af9c44aa57c22007dfc7715efb6a1368e59dba43abf5ee6b32623f60791cca19dfee7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 29e3d29a07b96b8dad3eb8950a606c31
SHA1 4e7811de725f68d6538c926f4c8406276708f11c
SHA256 2366da3592d01bf3e59e58b204e9399bedf06a3e666abf7b8c7ff616e074eba1
SHA512 08dba47ba576ea5196009d4a75ae5f59ca618baca77584c8e635410d2f1c4e5a3cd8d019a653f1dcb7b1fb4c58035cccb46ceed927574de3b6e592e150568889