Analysis Overview
SHA256
2386b62224e83106d19ca769c6fa5cb8dad2faff4a535035a34004766315b745
Threat Level: Known bad
The file chrome-net-export-log.json was found to be: Known bad.
Malicious Activity Summary
Detected google phishing page
Boot or Logon Autostart Execution: Active Setup
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
A potential corporate email address has been identified in the URL: [email protected]
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Checks whether UAC is enabled
Checks installed software on the system
Installs/modifies Browser Helper Object
Drops file in System32 directory
Suspicious use of NtCreateThreadExHideFromDebugger
Checks system information in the registry
Suspicious use of NtSetInformationThreadHideFromDebugger
Detected potential entity reuse from brand GOOGLE.
Drops file in Program Files directory
Subvert Trust Controls: Mark-of-the-Web Bypass
Drops file in Windows directory
System Location Discovery: System Language Discovery
Browser Information Discovery
Enumerates physical storage devices
System Network Configuration Discovery: Internet Connection Discovery
Uses Task Scheduler COM API
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
System policy modification
Modifies data under HKEY_USERS
Suspicious use of SendNotifyMessage
Checks processor information in registry
Enumerates system info in registry
Suspicious use of SetWindowsHookEx
Modifies Internet Explorer settings
Suspicious use of UnmapMainImage
NTFS ADS
Modifies registry class
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2025-01-17 19:51
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-01-17 19:51
Reported
2025-01-17 20:21
Platform
win11-20241007-en
Max time kernel
1797s
Max time network
1800s
Command Line
Signatures
Detected google phishing page
Boot or Logon Autostart Execution: Active Setup
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\ = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\StubPath = "\"C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\131.0.2903.146\\Installer\\setup.exe\" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Localized Name = "Microsoft Edge" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\IsInstalled = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}\Version = "43,0,0,0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
Downloads MZ/PE file
Event Triggered Execution: Image File Execution Options Injection
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU8B50.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU8B50.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe | C:\Program Files (x86)\Microsoft\Temp\EU618E.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MicrosoftEdgeUpdate.exe\DisableExceptionChainValidation = "0" | C:\Program Files (x86)\Microsoft\Temp\EU618E.tmp\MicrosoftEdgeUpdate.exe | N/A |
A potential corporate email address has been identified in the URL: [email protected]
Event Triggered Execution: Component Object Model Hijacking
Executes dropped EXE
Loads dropped DLL
Checks installed software on the system
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
Installs/modifies Browser Helper Object
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\ = "IEToEdge BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\NoExplorer = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Checks system information in the registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU618E.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU618E.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer | C:\Program Files (x86)\Microsoft\Temp\EU8B50.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\Temp\EU8B50.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Detected potential entity reuse from brand GOOGLE.
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
Suspicious use of NtCreateThreadExHideFromDebugger
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\RobloxPlayerBeta.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\AnimationEditor\ScrollbarMiddle.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\MenuBar\icon_maximize.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\VoiceChat\RedSpeakerDark\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\132.0.2957.115\AdSelectionAttestationsPreloaded\ad-selection-attestations.dat | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A0878B6E-DD85-4C52-9676-ADBAA80AA7FC}\EDGEMITMP_43BC4.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\sounds\action_falling.mp3 | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\MaterialGenerator\Materials\Marble.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\StudioToolbox\AssetConfig\restore.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\PlayerList\NotificationOff.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\VoiceChat\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\ExtraContent\textures\ui\LuaApp\ExternalSite\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\GameSettings\ScrollBarTop.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\131.0.2903.146\Locales\pt-BR.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B50.tmp\msedgeupdateres_ko.dll | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\Chat\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\Settings\Help\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\Temp\EU8B50.tmp\msedgeupdateres_sr-Latn-RS.dll | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\132.0.2957.115\Locales\zh-CN.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A0878B6E-DD85-4C52-9676-ADBAA80AA7FC}\EDGEMITMP_43BC4.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\131.0.2903.146\Locales\ml.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\CompositorDebugger\select.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\PlayerList\PremiumIcon.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\Settings\Players\Blocked.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.146\vk_swiftshader_icd.json | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\AvatarEditorImages\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\ExtraContent\textures\ui\LuaApp\9-slice\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\132.0.2957.115\Locales\ms.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A0878B6E-DD85-4C52-9676-ADBAA80AA7FC}\EDGEMITMP_43BC4.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\131.0.2903.146\Installer\msedge_7z.data | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\PlatformContent\pc\textures\water\normal_22.dds | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\StudioSharedUI\models.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\account_over13.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\Controls\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\PlayerList\Block.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\ExtraContent\textures\ui\LuaChat\icons\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeWebView\Application\132.0.2957.115\Trust Protection Lists\Mu\Content | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A0878B6E-DD85-4C52-9676-ADBAA80AA7FC}\EDGEMITMP_43BC4.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\fonts\families\Michroma.json | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\TopBar\coloredlogo.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\131.0.2903.146\elevation_service.exe | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\131.0.2903.146\Locales\sk.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\131.0.2903.146\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.sig | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.146\edge_feedback\camera_mf_trace.wprp | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\fonts\ComicNeue-Angular-Bold.ttf | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\fonts\NotoSansSinhalaUI-Regular.ttf | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\MaterialManager\Grid_DT.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\StudioToolbox\Voting\thumbs-up-filled.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\PlayerList\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\Settings\LeaveGame\Button_1080.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\ExtraContent\places\Maquettes.rbxl | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\avatar\defaultDynamicHeadV2.rbxm | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\131.0.2903.146\msedge_wer.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\131.0.2903.146\Locales\de.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\VoiceChat\Misc\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\StudioToolbox\RoundedBorder.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\Emotes\Editor\Large\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\TopBar\emotesOn.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\VoiceChat\MicLight\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File created | C:\Program Files (x86)\Microsoft\EdgeCore\132.0.2957.115\Locales\sv.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A0878B6E-DD85-4C52-9676-ADBAA80AA7FC}\EDGEMITMP_43BC4.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\132.0.2957.115\Locales\lo.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A0878B6E-DD85-4C52-9676-ADBAA80AA7FC}\EDGEMITMP_43BC4.tmp\setup.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\132.0.2957.115\BHO\ie_to_edge_bho_64.dll | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A0878B6E-DD85-4C52-9676-ADBAA80AA7FC}\EDGEMITMP_43BC4.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\StudioToolbox\ArrowCollapsed.png | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\131.0.2903.146\Locales\sl.pak | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\content\textures\ui\Controls\PlayStationController\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Microsoft\EdgeCore\131.0.2903.146\identity_proxy\canary.identity_helper.exe.manifest | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
Drops file in Windows directory
Subvert Trust Controls: Mark-of-the-Web Bypass
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D072E04-CE2A-47FA-9963-4E7F16B86B5A}\MicrosoftEdgeUpdateSetup_X86_1.3.195.43.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\Temp\EU8B50.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\Temp\EU618E.tmp\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
System Network Configuration Discovery: Internet Connection Discovery
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz | C:\Program Files\Mozilla Firefox\firefox.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\BaseBoardManufacturer | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-player\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppName = "ie_to_edge_stub.exe" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\131.0.2903.146\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\Policy = "3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\EdgeIntegration | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Microsoft\Internet Explorer\Main\EnterpriseMode | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode\MSEdgePath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\AppPath = "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\131.0.2903.146\\BHO" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}\ = "IEToEdge Handler" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29} | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\microsoft-edge\WarnOnOpen = "0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\EdgeIntegration\AdapterLocations\C:\Program Files (x86)\Microsoft\Edge\Application = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Edge | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\WinTrust\Trust Providers\Software Publishing | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\trust\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\Disallowed | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Root\CTLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\TrustedPeople\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\SmartCardRoot\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Policies\Microsoft\SystemCertificates\CA\CRLs | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\SystemCertificates\Disallowed\Certificates | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E55B90F1-DA33-400B-B09E-3AFF7D46BD83}\ProxyStubClsid32\ = "{8B15189E-5465-4166-933D-1EABAD9648CB}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5F6A18BB-6231-424B-8242-19E5BB94F8ED}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.CredentialDialogMachine" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A0B482A5-71D4-4395-857C-1F3B57FB8809}\ = "PSFactoryBuffer" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2603C88B-F971-4167-9DE1-871EE4A3DC84}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\NumMethods\ = "11" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{195A2EB3-21EE-43CA-9F23-93C2C9934E2E}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.OnDemandCOMClassMachineFallback\CurVer\ = "MicrosoftEdgeUpdate.OnDemandCOMClassMachineFallback.1.0" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C853632E-36CA-4999-B992-EC0D408CF5AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{FEA2518F-758F-4B95-A59F-97FCEEF1F5D0} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{177CAE89-4AD6-42F4-A458-00EC3389E3FE}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{FF419FF9-90BE-4D9F-B410-A789F90E5A7C}\LocalizedString = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\msedgeupdate.dll,-3000" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F9C80B5-9E50-43C9-887C-7C6412E110DF}\ = "IAppCommand" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8F09CD6C-5964-4573-82E3-EBFF7702865B}\VersionIndependentProgID\ = "MicrosoftEdgeUpdate.CoreClass" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7E29BE61-5809-443F-9B5D-CF22156694EB}\ = "IAppCommand2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{3805CA06-AC83-4F00-8A02-271DCD89BDEB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32\ = "{A0B482A5-71D4-4395-857C-1F3B57FB8809}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ = "IGoogleUpdate3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6DFFE7FE-3153-4AF1-95D8-F8FCCA97E56B}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\NumMethods\ = "4" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\.shtml\OpenWithProgids | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{AB4F4A7E-977C-4E23-AD8F-626A491715DF} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ = "IAppVersion" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E421557C-0628-43FB-BF2B-7C9F8A4D067C}\ = "Microsoft Edge Update Update3Web" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3E102DC6-1EDB-46A1-8488-61F71B35ED5F} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}\LocalizedString = "@C:\\Program Files (x86)\\Microsoft\\EdgeUpdate\\1.3.171.39\\msedgeupdate.dll,-3000" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{08D832B9-D2FD-481F-98CF-904D00DF63CC}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\ie_to_edge_bho.IEToEdgeBHO.1\CLSID\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DDD4B5D4-FD54-497C-8789-0830F29A60EE}\ = "IGoogleUpdate3" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{C06EE550-7248-488E-971E-B60C0AB3A6E4}\NumMethods\ = "43" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2EC826CB-5478-4533-9015-7580B3B5E03A} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\CLSID\{B54934CD-71A6-4698-BDC2-AFEA5B86504C}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MIME\Database\Content Type\application/pdf\Extension = ".pdf" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\MSEdgePDF\shell | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusMachine\CLSID\ = "{B5977F34-9264-4AC3-9B31-1224827FF6E8}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2F5CB38-265F-4A02-9D1E-F25B664968AB} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{60355531-5BFD-45AB-942C-7912628752C7}\ProxyStubClsid32\ = "{A0B482A5-71D4-4395-857C-1F3B57FB8809}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{41E1FADF-C62D-4DF4-A0A2-A3BEB272D8AF}\InprocHandler32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{77857D02-7A25-4B67-9266-3E122A8F39E4}\ProgID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{79E0C401-B7BC-4DE5-8104-71350F3A9B67}\NumMethods\ = "5" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9E8F1B36-249F-4FC3-9994-974AFAA07B26}\InprocServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A5135E58-384F-4244-9A5F-30FA9259413C} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1B9063E4-3882-485E-8797-F28A0240782F}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7B3B7A69-7D88-4847-A6BC-90E246A41F69}\NumMethods | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\.html\OpenWithProgids | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.PolicyStatusSvc.1.0\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{7584D24A-E056-4EB1-8E7B-632F2B0ADC69}\ProxyStubClsid32 | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachine\CLSID\ = "{492E1C30-A1A2-4695-87C8-7A8CAD6F936F}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D}\ = "IJobObserver2" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\MicrosoftEdgeUpdate.Update3WebMachine\ = "Microsoft Edge Update Broker Class Factory" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ProxyStubClsid32\ = "{A0B482A5-71D4-4395-857C-1F3B57FB8809}" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8B15189E-5465-4166-933D-1EABAD9648CB}\InProcServer32\ThreadingModel = "Both" | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{837E40DA-EB1B-440C-8623-0F14DF158DC0}\ = "IAppBundleWeb" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{A6556DFF-AB15-4DC3-A890-AB54120BEAEC}\NumMethods\ = "7" | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{E4518371-7326-4865-87F8-D9D3F3B287A3} | C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{D9AA3288-4EA7-4E67-AE60-D18EADCB923D} | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\Interface | C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\Unconfirmed 462210.crdownload:SmartScreen | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| File opened for modification | C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of UnmapMainImage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\RobloxPlayerBeta.exe | N/A |
Suspicious use of WriteProcessMemory
System policy modification
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\ | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} = "1" | C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe | N/A |
Uses Task Scheduler COM API
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\chrome-net-export-log.json
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc14e4cc40,0x7ffc14e4cc4c,0x7ffc14e4cc58
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1944,i,2384828666292927223,17909192385108130320,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1940 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1860,i,2384828666292927223,17909192385108130320,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1976 /prefetch:3
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2220,i,2384828666292927223,17909192385108130320,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=1816 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3088,i,2384828666292927223,17909192385108130320,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3140 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3144,i,2384828666292927223,17909192385108130320,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3288 /prefetch:1
C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4428,i,2384828666292927223,17909192385108130320,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3100 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4476,i,2384828666292927223,17909192385108130320,262144 --variations-seed-version=20241006-180150.222000 --mojo-platform-channel-handle=3292 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc14d03cb8,0x7ffc14d03cc8,0x7ffc14d03cd8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1876 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2012 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2512 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4536 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4684 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4776 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3396 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5356 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5744 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5628 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5712 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3372 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4576 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5976 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=6108 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --service-sandbox-type=video_capture --mojo-platform-channel-handle=5764 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x00000000000004DC 0x00000000000004C8
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe"
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=1944 -parentBuildID 20240401114208 -prefsHandle 1872 -prefMapHandle 1864 -prefsLen 23678 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {03a99ac9-a9d7-4a1d-b1ae-d60988df27be} 916 "\\.\pipe\gecko-crash-server-pipe.916" gpu
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2344 -parentBuildID 20240401114208 -prefsHandle 2336 -prefMapHandle 2332 -prefsLen 23714 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ab1a998e-bc2c-4c6f-aea7-5016a1a5c09b} 916 "\\.\pipe\gecko-crash-server-pipe.916" socket
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3280 -childID 1 -isForBrowser -prefsHandle 2856 -prefMapHandle 2776 -prefsLen 23855 -prefMapSize 244658 -jsInitHandle 932 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {60d871a2-aba7-43d3-96e2-e20a161f3e54} 916 "\\.\pipe\gecko-crash-server-pipe.916" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=3836 -childID 2 -isForBrowser -prefsHandle 3820 -prefMapHandle 3816 -prefsLen 29088 -prefMapSize 244658 -jsInitHandle 932 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {fd22b4bf-35bc-49fc-ba7a-ae30f3b23c16} 916 "\\.\pipe\gecko-crash-server-pipe.916" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=4816 -parentBuildID 20240401114208 -sandboxingKind 0 -prefsHandle 4808 -prefMapHandle 4804 -prefsLen 29088 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {82854c06-4297-4f50-bf9a-6bd549a31f21} 916 "\\.\pipe\gecko-crash-server-pipe.916" utility
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5604 -childID 3 -isForBrowser -prefsHandle 5556 -prefMapHandle 5580 -prefsLen 27178 -prefMapSize 244658 -jsInitHandle 932 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {8c6a5782-07af-4156-919e-275509941785} 916 "\\.\pipe\gecko-crash-server-pipe.916" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5404 -childID 4 -isForBrowser -prefsHandle 5740 -prefMapHandle 5744 -prefsLen 27178 -prefMapSize 244658 -jsInitHandle 932 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {5e4ff622-1624-4243-9e2d-55c5c82f06e0} 916 "\\.\pipe\gecko-crash-server-pipe.916" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5904 -childID 5 -isForBrowser -prefsHandle 5912 -prefMapHandle 5916 -prefsLen 27178 -prefMapSize 244658 -jsInitHandle 932 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c4d06289-c5bf-441f-b906-b6843bb7d53f} 916 "\\.\pipe\gecko-crash-server-pipe.916" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=6340 -childID 6 -isForBrowser -prefsHandle 6416 -prefMapHandle 6376 -prefsLen 27178 -prefMapSize 244658 -jsInitHandle 932 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7db76d9f-d447-4076-9453-a4f98f7a446c} 916 "\\.\pipe\gecko-crash-server-pipe.916" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2696 -parentBuildID 20240401114208 -prefsHandle 4408 -prefMapHandle 4412 -prefsLen 33896 -prefMapSize 244658 -appDir "C:\Program Files\Mozilla Firefox\browser" - {bbd11f41-d566-4ccc-a784-b7f68a849512} 916 "\\.\pipe\gecko-crash-server-pipe.916" rdd
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=2704 -parentBuildID 20240401114208 -sandboxingKind 1 -prefsHandle 3212 -prefMapHandle 3208 -prefsLen 33896 -prefMapSize 244658 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bbe6e170-e74a-4ac2-bc92-833f0fd82f68} 916 "\\.\pipe\gecko-crash-server-pipe.916" utility
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=SAAAAAAAAADoAAAwAAAAAAAAAAAAAAAAAABgAAAQAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=4656 /prefetch:2
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5016 -childID 7 -isForBrowser -prefsHandle 6264 -prefMapHandle 6248 -prefsLen 28094 -prefMapSize 244658 -jsInitHandle 932 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {bb16f1f3-01d2-48be-bfa5-80ec926351dd} 916 "\\.\pipe\gecko-crash-server-pipe.916" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7016 -childID 8 -isForBrowser -prefsHandle 5720 -prefMapHandle 5764 -prefsLen 28094 -prefMapSize 244658 -jsInitHandle 932 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {d3bdfce0-2710-4616-add6-ccc450ec74a9} 916 "\\.\pipe\gecko-crash-server-pipe.916" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7176 -childID 9 -isForBrowser -prefsHandle 2624 -prefMapHandle 7148 -prefsLen 28094 -prefMapSize 244658 -jsInitHandle 932 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {e08f3c25-3ec2-47bd-a682-741e1c5b1f31} 916 "\\.\pipe\gecko-crash-server-pipe.916" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=7316 -childID 10 -isForBrowser -prefsHandle 7324 -prefMapHandle 7328 -prefsLen 28094 -prefMapSize 244658 -jsInitHandle 932 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {a8a190d6-26a1-42c5-941f-2137aab008f6} 916 "\\.\pipe\gecko-crash-server-pipe.916" tab
C:\Program Files\Mozilla Firefox\firefox.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel=5920 -childID 11 -isForBrowser -prefsHandle 6872 -prefMapHandle 6096 -prefsLen 28148 -prefMapSize 244658 -jsInitHandle 932 -jsInitLen 234952 -parentBuildID 20240401114208 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {68c9836b-d36d-4c93-afb7-6c84354e8eb4} 916 "\\.\pipe\gecko-crash-server-pipe.916" tab
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4776 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5796 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5000 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1020 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6028 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6312 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6280 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6464 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6500 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5420 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5228 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6248 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6768 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7076 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6864 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=1864,12793579352547609410,12286381858203458338,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6116 /prefetch:8
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
"C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe"
C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
MicrosoftEdgeWebview2Setup.exe /silent /install
C:\Program Files (x86)\Microsoft\Temp\EU8B50.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU8B50.tmp\MicrosoftEdgeUpdate.exe" /silent /install "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.171.39\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RjNFRjc3OTItMjQ1Mi00RDM2LUIzOUQtRjQ4M0E3MjBENEREfSIgdXNlcmlkPSJ7RjI5MUVGMjUtQkU5Ni00Q0Y5LThFRTItNzkxRjFENzE0RTM0fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9Ins3NUZEMUQ4OC0zN0EwLTQ4QzMtQkM0RC02NDQxOEJDOTJGOTh9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE0My41NyIgbmV4dHZlcnNpb249IjEuMy4xNzEuMzkiIGxhbmc9IiIgYnJhbmQ9IiIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjgwMDg4NTAyNTMiIGluc3RhbGxfdGltZV9tcz0iMzk4Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /handoff "appguid={F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}&appname=Microsoft%20Edge%20Webview2%20Runtime&needsadmin=prefers" /installsource otherinstallcmd /sessionid "{F3EF7792-2452-4D36-B39D-F483A720D4DD}" /silent
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RjNFRjc3OTItMjQ1Mi00RDM2LUIzOUQtRjQ4M0E3MjBENEREfSIgdXNlcmlkPSJ7RjI5MUVGMjUtQkU5Ni00Q0Y5LThFRTItNzkxRjFENzE0RTM0fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntENEYzREZDNS0yQTVGLTRCMkMtQkNBMC0yMEM3RDJENzFBOTh9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSIiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTIzLjAuNjMxMi4xMjMiIG5leHR2ZXJzaW9uPSIxMjMuMC42MzEyLjEyMyIgbGFuZz0iZW4iIGJyYW5kPSJHR0xTIiBjbGllbnQ9IiI-PGV2ZW50IGV2ZW50dHlwZT0iMzEiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjUiIHN5c3RlbV91cHRpbWVfdGlja3M9IjgwMTMyMTgzMDIiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A0878B6E-DD85-4C52-9676-ADBAA80AA7FC}\MicrosoftEdge_X64_132.0.2957.115.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A0878B6E-DD85-4C52-9676-ADBAA80AA7FC}\MicrosoftEdge_X64_132.0.2957.115.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A0878B6E-DD85-4C52-9676-ADBAA80AA7FC}\EDGEMITMP_43BC4.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A0878B6E-DD85-4C52-9676-ADBAA80AA7FC}\EDGEMITMP_43BC4.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A0878B6E-DD85-4C52-9676-ADBAA80AA7FC}\MicrosoftEdge_X64_132.0.2957.115.exe" --msedgewebview --verbose-logging --do-not-launch-msedge --system-level
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A0878B6E-DD85-4C52-9676-ADBAA80AA7FC}\EDGEMITMP_43BC4.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A0878B6E-DD85-4C52-9676-ADBAA80AA7FC}\EDGEMITMP_43BC4.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=132.0.6834.84 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{A0878B6E-DD85-4C52-9676-ADBAA80AA7FC}\EDGEMITMP_43BC4.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=132.0.2957.115 --initial-client-data=0x234,0x238,0x23c,0x210,0x240,0x7ff7f23aa818,0x7ff7f23aa824,0x7ff7f23aa830
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7RjNFRjc3OTItMjQ1Mi00RDM2LUIzOUQtRjQ4M0E3MjBENEREfSIgdXNlcmlkPSJ7RjI5MUVGMjUtQkU5Ni00Q0Y5LThFRTItNzkxRjFENzE0RTM0fSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiByZXF1ZXN0aWQ9IntCRDEwODg3NS1BRUU2LTRCMEMtODI4My1DMTQ5OUNFOUIwQkJ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIiIG5leHR2ZXJzaW9uPSIxMzIuMC4yOTU3LjExNSIgbGFuZz0iIiBicmFuZD0iIiBjbGllbnQ9IiIgZXhwZXJpbWVudHM9ImNvbnNlbnQ9ZmFsc2UiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iOSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODAyNzA3Njc4NyIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjUiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjgwMjcxMDY4MDkiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSI4NzA4MzQ1MTkyIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJiaXRzIiB1cmw9Imh0dHA6Ly9tc2VkZ2UuZi50bHUuZGwuZGVsaXZlcnkubXAubWljcm9zb2Z0LmNvbS9maWxlc3RyZWFtaW5nc2VydmljZS9maWxlcy83MjcyYjBjYi1jYTQ1LTQ0NjMtYTg5NS1mNzQ1YmZmZGY0N2E_UDE9MTczNzc0ODY0NiZhbXA7UDI9NDA0JmFtcDtQMz0yJmFtcDtQND1sZ1ZuRWpEM2dhaHJWTGtuTFJpNnklMmZkcHI0WDlrSHk3ZTAzakx0ZVQlMmZrZjdzb2FSN3lDbFNZMjRFNDY2cVNpdWJxQkNWaEl2QkR6R0VLdnVuejZmd0ElM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzcwOTgzMzYiIHRvdGFsPSIxNzcwOTgzMzYiIGRvd25sb2FkX3RpbWVfbXM9IjYwODA4Ii8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iODcwODQ2NTE4NiIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjYiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9Ijg3MjM2NzY5NDkiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIyIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIxOTY3NTciIHN5c3RlbV91cHRpbWVfdGlja3M9IjkzMzI5MTA0NDIiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIxMDQ4IiBkb3dubG9hZF90aW1lX21zPSI2ODEzMiIgZG93bmxvYWRlZD0iMTc3MDk4MzM2IiB0b3RhbD0iMTc3MDk4MzM2IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI2MDkyMSIvPjwvYXBwPjwvcmVxdWVzdD4
C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\RobloxPlayerBeta.exe
"C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\RobloxPlayerBeta.exe" -app -clientLaunchTimeEpochMs 0 -isInstallerLaunch 2848
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D072E04-CE2A-47FA-9963-4E7F16B86B5A}\MicrosoftEdgeUpdateSetup_X86_1.3.195.43.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{6D072E04-CE2A-47FA-9963-4E7F16B86B5A}\MicrosoftEdgeUpdateSetup_X86_1.3.195.43.exe" /update /sessionid "{42E67423-42A6-4B00-863A-9BC97090AAB1}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xNzEuMzkiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NDJFNjc0MjMtNDJBNi00QjAwLTg2M0EtOUJDOTcwOTBBQUIxfSIgdXNlcmlkPSJ7RjI5MUVGMjUtQkU5Ni00Q0Y5LThFRTItNzkxRjFENzE0RTM0fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9Ins2RjA2QzY5Ri0wOUM1LTRCQ0MtQTUxOS05QTI0MDVENzVCN0J9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtyNDUydDErazJUZ3EvSFh6anZGTkJSaG9wQldSOXNialh4cWVVREg5dVgwPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTcxLjM5IiBuZXh0dmVyc2lvbj0iMS4zLjE5NS40MyIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjAiPjx1cGRhdGVjaGVjay8-PGV2ZW50IGV2ZW50dHlwZT0iMTIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNDA3NzQ4NjMyIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjExNDA3Nzg4NTQyIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMTQiIGV2ZW50cmVzdWx0PSIwIiBlcnJvcmNvZGU9Ii0yMTQ3MDIzODM4IiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjQ3NjI4MzYzOCIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iZG8iIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzIwN2U4MDM1LTk5YmUtNDVkMi1iMmFhLTE4NWY2NzA5YzQwMz9QMT0xNzM3NzQ4OTg0JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWJwWTM5eHdZR3FDQXJJdE1QUTdManlHY3V3VndBd2psJTJmczhIQWs4YTN6WExldDBWZmQwV3NhaHNCVTRndG5NJTJmJTJmUjFtYzRWR2lUNVJlZEhtNjBmRGp3JTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMCIgdG90YWw9IjAiIGRvd25sb2FkX3RpbWVfbXM9IjIiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTI0NzYyOTM3MjciIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIGRvd25sb2FkZXI9ImJpdHMiIHVybD0iaHR0cDovL21zZWRnZS5iLnRsdS5kbC5kZWxpdmVyeS5tcC5taWNyb3NvZnQuY29tL2ZpbGVzdHJlYW1pbmdzZXJ2aWNlL2ZpbGVzLzIwN2U4MDM1LTk5YmUtNDVkMi1iMmFhLTE4NWY2NzA5YzQwMz9QMT0xNzM3NzQ4OTg0JmFtcDtQMj00MDQmYW1wO1AzPTImYW1wO1A0PWJwWTM5eHdZR3FDQXJJdE1QUTdManlHY3V3VndBd2psJTJmczhIQWs4YTN6WExldDBWZmQwV3NhaHNCVTRndG5NJTJmJTJmUjFtYzRWR2lUNVJlZEhtNjBmRGp3JTNkJTNkIiBzZXJ2ZXJfaXBfaGludD0iIiBjZG5fY2lkPSItMSIgY2RuX2NjYz0iIiBjZG5fbXNlZGdlX3JlZj0iIiBjZG5fYXp1cmVfcmVmX29yaWdpbl9zaGllbGQ9IiIgY2RuX2NhY2hlPSIiIGNkbl9wM3A9IiIgZG93bmxvYWRlZD0iMTY1NDM0NCIgdG90YWw9IjE2NTQzNDQiIGRvd25sb2FkX3RpbWVfbXM9IjEwMjYwMyIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjQ3NjMxMzgwNSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxMjQ4MTU3MjExMSIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxwaW5nIHI9Ii0xIiByZD0iLTEiLz48L2FwcD48YXBwIGFwcGlkPSJ7NTZFQjE4RjgtQjAwOC00Q0JELUI2RDItOEM5N0ZFN0U5MDYyfSIgdmVyc2lvbj0iOTAuMC44MTguNjYiIG5leHR2ZXJzaW9uPSIiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgbGFzdF9sYXVuY2hfdGltZT0iMTMzODE2MTcxMTU0OTAxMTEwIj48dXBkYXRlY2hlY2svPjxwaW5nIGFjdGl2ZT0iMSIgYT0iLTEiIHI9Ii0xIiBhZD0iLTEiIHJkPSItMSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMzIuMC4yOTU3LjExNSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIHVwZGF0ZV9jb3VudD0iMSI-PHVwZGF0ZWNoZWNrLz48cGluZyByPSItMSIgcmQ9Ii0xIiBwaW5nX2ZyZXNobmVzcz0iezI4MkM5RDMwLUJFOTMtNDM3OC1BNTIzLTIxQTkzNzVGMzNDRX0iLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\Temp\EU618E.tmp\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\Temp\EU618E.tmp\MicrosoftEdgeUpdate.exe" /update /sessionid "{42E67423-42A6-4B00-863A-9BC97090AAB1}"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regsvc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /regserver
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.195.43\MicrosoftEdgeUpdateComRegisterShell64.exe"
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuNDMiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NDJFNjc0MjMtNDJBNi00QjAwLTg2M0EtOUJDOTcwOTBBQUIxfSIgdXNlcmlkPSJ7RjI5MUVGMjUtQkU5Ni00Q0Y5LThFRTItNzkxRjFENzE0RTM0fSIgaW5zdGFsbHNvdXJjZT0ic2VsZnVwZGF0ZSIgcmVxdWVzdGlkPSJ7QjBCMjlDOTktQTQyRC00OEZELUI0QjYtMkIwMkYzQ0MyQjQ5fSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7cjQ1MnQxK2syVGdxL0hYemp2Rk5CUmhvcEJXUjlzYmpYeHFlVURIOXVYMD0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7RjNDNEZFMDAtRUZENS00MDNCLTk1NjktMzk4QTIwRjFCQTRBfSIgdmVyc2lvbj0iMS4zLjE3MS4zOSIgbmV4dHZlcnNpb249IjEuMy4xOTUuNDMiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSIwIiBpbnN0YWxsZGF0ZXRpbWU9IjE3MzcxNDM4NDMiPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjEyNDk1MDYxMjc1Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuNDMiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NEE5RUY4ODQtRDEyNi00RkVDLTk5RkEtQUIxODFCNzk4MjlGfSIgdXNlcmlkPSJ7RjI5MUVGMjUtQkU5Ni00Q0Y5LThFRTItNzkxRjFENzE0RTM0fSIgaW5zdGFsbHNvdXJjZT0ibGltaXRlZCIgcmVxdWVzdGlkPSJ7MDE4NDhERDYtQjVGQS00MjVELUJCMTgtREFEMzhFOEEwRkNGfSIgZGVkdXA9ImNyIiBkb21haW5qb2luZWQ9IjAiPjxodyBsb2dpY2FsX2NwdXM9IjgiIHBoeXNtZW1vcnk9IjgiIGRpc2tfdHlwZT0iMiIgc3NlPSIxIiBzc2UyPSIxIiBzc2UzPSIxIiBzc3NlMz0iMSIgc3NlNDE9IjEiIHNzZTQyPSIxIiBhdng9IjEiLz48b3MgcGxhdGZvcm09IndpbiIgdmVyc2lvbj0iMTAuMC4yMjAwMC40OTMiIHNwPSIiIGFyY2g9Ing2NCIgcHJvZHVjdF90eXBlPSI0OCIgaXNfd2lwPSIwIiBpc19pbl9sb2NrZG93bl9tb2RlPSIwIi8-PG9lbSBwcm9kdWN0X21hbnVmYWN0dXJlcj0iIiBwcm9kdWN0X25hbWU9IiIvPjxleHAgZXRhZz0iJnF1b3Q7RSt4YkF6Nlk2c1UxMjg5YlM2cWw0VlJMYmtqZkJVR1RNSnNqckhyNDRpST0mcXVvdDsiLz48YXBwIGFwcGlkPSJ7OEE2OUQzNDUtRDU2NC00NjNjLUFGRjEtQTY5RDlFNTMwRjk2fSIgdmVyc2lvbj0iMTIzLjAuNjMxMi4xMjMiIG5leHR2ZXJzaW9uPSIiIGxhbmc9ImVuIiBicmFuZD0iR0dMUyIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjEwMiIgaW5zdGFsbGRhdGV0aW1lPSIxNzI4MzAyODg1IiBvb2JlX2luc3RhbGxfdGltZT0iMTMzNzI3NzU2NzcxOTQwMDAwIj48ZXZlbnQgZXZlbnR0eXBlPSIzMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMjE3OTg2MiIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTYwMjU4MjY5MDEiLz48L2FwcD48L3JlcXVlc3Q-
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\MicrosoftEdge_X64_131.0.2903.146.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\MicrosoftEdge_X64_131.0.2903.146.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\MicrosoftEdge_X64_131.0.2903.146.exe" --msedge --verbose-logging --do-not-launch-msedge --system-level --channel=stable
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=131.0.6778.265 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=131.0.2903.146 --initial-client-data=0x23c,0x240,0x244,0x218,0x248,0x7ff78d812918,0x7ff78d812924,0x7ff78d812930
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe" --msedge --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1
C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=131.0.6778.265 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{15CE1FB3-BD31-40CC-A72D-682DC1F779DD}\EDGEMITMP_6ACED.tmp\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=131.0.2903.146 --initial-client-data=0x218,0x240,0x244,0x23c,0x248,0x7ff78d812918,0x7ff78d812924,0x7ff78d812930
C:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.146\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.146\Installer\setup.exe" --msedge --channel=stable --remove-deprecated-packages --verbose-logging --system-level
C:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.146\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.146\Installer\setup.exe" --msedge --channel=stable --update-game-assist-package --verbose-logging --system-level
C:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.146\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.146\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=131.0.6778.265 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.146\Installer\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=131.0.2903.146 --initial-client-data=0x23c,0x240,0x244,0x218,0x248,0x7ff68d1f2918,0x7ff68d1f2924,0x7ff68d1f2930
C:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.146\Installer\setup.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.146\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\SystemTemp\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=131.0.6778.265 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.146\Installer\setup.exe" --annotation=plat=Win64 --annotation=prod=Edge --annotation=ver=131.0.2903.146 --initial-client-data=0x23c,0x240,0x244,0x218,0x248,0x7ff68d1f2918,0x7ff68d1f2924,0x7ff68d1f2930
C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4xOTUuNDMiIHNoZWxsX3ZlcnNpb249IjEuMy4xNzEuMzkiIGlzbWFjaGluZT0iMSIgc2Vzc2lvbmlkPSJ7NEE5RUY4ODQtRDEyNi00RkVDLTk5RkEtQUIxODFCNzk4MjlGfSIgdXNlcmlkPSJ7RjI5MUVGMjUtQkU5Ni00Q0Y5LThFRTItNzkxRjFENzE0RTM0fSIgaW5zdGFsbHNvdXJjZT0ic2NoZWR1bGVyIiByZXF1ZXN0aWQ9IntDNzQ2NkI1Ny01MkMyLTQ0ODktQUYwMC00NTI1RDBBNjYxNzB9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IGxvZ2ljYWxfY3B1cz0iOCIgcGh5c21lbW9yeT0iOCIgZGlza190eXBlPSIyIiBzc2U9IjEiIHNzZTI9IjEiIHNzZTM9IjEiIHNzc2UzPSIxIiBzc2U0MT0iMSIgc3NlNDI9IjEiIGF2eD0iMSIvPjxvcyBwbGF0Zm9ybT0id2luIiB2ZXJzaW9uPSIxMC4wLjIyMDAwLjQ5MyIgc3A9IiIgYXJjaD0ieDY0IiBwcm9kdWN0X3R5cGU9IjQ4IiBpc193aXA9IjAiIGlzX2luX2xvY2tkb3duX21vZGU9IjAiLz48b2VtIHByb2R1Y3RfbWFudWZhY3R1cmVyPSIiIHByb2R1Y3RfbmFtZT0iIi8-PGV4cCBldGFnPSImcXVvdDtWUFFvUDFGK2ZxMTV3UnpoMWtQTDRQTXBXaDhPUk1CNWl6dnJPQy9jaGpRPSZxdW90OyIvPjxhcHAgYXBwaWQ9IntGM0M0RkUwMC1FRkQ1LTQwM0ItOTU2OS0zOThBMjBGMUJBNEF9IiB2ZXJzaW9uPSIxLjMuMTk1LjQzIiBuZXh0dmVyc2lvbj0iIiBsYW5nPSIiIGJyYW5kPSJJTkJYIiBjbGllbnQ9IiIgaW5zdGFsbGFnZT0iMCIgY29ob3J0PSJycmZAMC40MSI-PHVwZGF0ZWNoZWNrLz48cGluZyByZD0iNjU5MSIgcGluZ19mcmVzaG5lc3M9Ins1OTcxRkMwOC03OTUyLTRFM0QtOEQ4RC0yNzg3MEJFOERENzl9Ii8-PC9hcHA-PGFwcCBhcHBpZD0iezU2RUIxOEY4LUIwMDgtNENCRC1CNkQyLThDOTdGRTdFOTA2Mn0iIHZlcnNpb249IjkwLjAuODE4LjY2IiBuZXh0dmVyc2lvbj0iMTMxLjAuMjkwMy4xNDYiIGxhbmc9IiIgYnJhbmQ9IklOQlgiIGNsaWVudD0iIiBleHBlcmltZW50cz0iY29uc2VudD1mYWxzZSIgaXNfcGlubmVkX3N5c3RlbT0idHJ1ZSIgbGFzdF9sYXVuY2hfY291bnQ9IjEiIGxhc3RfbGF1bmNoX3RpbWU9IjEzMzgxNjE3MTE1NDkwMTExMCI-PHVwZGF0ZWNoZWNrLz48ZXZlbnQgZXZlbnR0eXBlPSIxMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTYwMzI3MzcxNTMiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxMyIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTYwMzI3ODcyMTUiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSIxNCIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMjM4MzgiIGV4dHJhY29kZTE9IjAiIHN5c3RlbV91cHRpbWVfdGlja3M9IjE4ODM2MDAzOTAxIiBzb3VyY2VfdXJsX2luZGV4PSIwIiBkb25lX2JlZm9yZV9vb2JlX2NvbXBsZXRlPSIwIiBkb3dubG9hZGVyPSJkbyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvOGY4ZWY2NzYtYWNiMy00ZjE1LWE4NTQtMTYzNDRjYTAzZTkwP1AxPTE3Mzc3NDk0NDYmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9RFRieml0ODMlMmY0UWpFamE2SXpjeUlsdjJlT3A2amptMUpnQ0prYzNxUXo2WXVlZTUwVDFrWkpnajBNJTJma2dDUG9tNFN0WGFVVjNmS2VRWjdHWWNudyUyYmclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIwIiB0b3RhbD0iMCIgZG93bmxvYWRfdGltZV9tcz0iMSIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxODgzNjAzNDA1NSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vbXNlZGdlLmIudGx1LmRsLmRlbGl2ZXJ5Lm1wLm1pY3Jvc29mdC5jb20vZmlsZXN0cmVhbWluZ3NlcnZpY2UvZmlsZXMvOGY4ZWY2NzYtYWNiMy00ZjE1LWE4NTQtMTYzNDRjYTAzZTkwP1AxPTE3Mzc3NDk0NDYmYW1wO1AyPTQwNCZhbXA7UDM9MiZhbXA7UDQ9RFRieml0ODMlMmY0UWpFamE2SXpjeUlsdjJlT3A2amptMUpnQ0prYzNxUXo2WXVlZTUwVDFrWkpnajBNJTJma2dDUG9tNFN0WGFVVjNmS2VRWjdHWWNudyUyYmclM2QlM2QiIHNlcnZlcl9pcF9oaW50PSIiIGNkbl9jaWQ9Ii0xIiBjZG5fY2NjPSIiIGNkbl9tc2VkZ2VfcmVmPSIiIGNkbl9henVyZV9yZWZfb3JpZ2luX3NoaWVsZD0iIiBjZG5fY2FjaGU9IiIgY2RuX3AzcD0iIiBkb3dubG9hZGVkPSIxNzY3NTQyNTYiIHRvdGFsPSIxNzY3NTQyNTYiIGRvd25sb2FkX3RpbWVfbXM9IjI3NDIzNiIvPjxldmVudCBldmVudHR5cGU9IjE0IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxODgzNjE5NTU0NSIgc291cmNlX3VybF9pbmRleD0iMCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjE1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIiBzeXN0ZW1fdXB0aW1lX3RpY2tzPSIxODg1MDE3Njk4NCIgZG9uZV9iZWZvcmVfb29iZV9jb21wbGV0ZT0iMCIvPjxldmVudCBldmVudHR5cGU9IjMiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5Njc1NyIgc3lzdGVtX3VwdGltZV90aWNrcz0iMTk0Njc2NjUwNjAiIHNvdXJjZV91cmxfaW5kZXg9IjAiIGRvbmVfYmVmb3JlX29vYmVfY29tcGxldGU9IjAiIHVwZGF0ZV9jaGVja190aW1lX21zPSIzNjQiIGRvd25sb2FkX3RpbWVfbXM9IjI4MDMzNCIgZG93bmxvYWRlZD0iMTc2NzU0MjU2IiB0b3RhbD0iMTc2NzU0MjU2IiBwYWNrYWdlX2NhY2hlX3Jlc3VsdD0iMCIgaW5zdGFsbF90aW1lX21zPSI2MTc0NiIvPjxwaW5nIGFjdGl2ZT0iMCIgcmQ9IjY1OTEiIHBpbmdfZnJlc2huZXNzPSJ7MkMyQUZDREQtNTA2RS00NTIyLThFN0ItNUEzNTQ2MEI5REJFfSIvPjwvYXBwPjxhcHAgYXBwaWQ9IntGMzAxNzIyNi1GRTJBLTQyOTUtOEJERi0wMEMzQTlBN0U0QzV9IiB2ZXJzaW9uPSIxMzIuMC4yOTU3LjExNSIgbmV4dHZlcnNpb249IiIgbGFuZz0iIiBicmFuZD0iSU5CWCIgY2xpZW50PSIiIGNvaG9ydD0icnJmQDAuODgiIHVwZGF0ZV9jb3VudD0iMSI-PHVwZGF0ZWNoZWNrLz48cGluZyByZD0iNjU5MSIgcGluZ19mcmVzaG5lc3M9IntBRDA4NTlENy03N0MyLTRFOUItODNDNS05MTkyQjk1Qjk2MjJ9Ii8-PC9hcHA-PC9yZXF1ZXN0Pg
Network
| Country | Destination | Domain | Proto |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 3.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 2.17.113.72:443 | r.bing.com | tcp |
| GB | 2.17.113.72:443 | r.bing.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 2.17.113.81:443 | r.bing.com | tcp |
| GB | 2.17.113.75:443 | r.bing.com | tcp |
| GB | 2.17.113.75:443 | r.bing.com | tcp |
| GB | 2.17.113.81:443 | r.bing.com | tcp |
| NL | 40.126.32.76:443 | login.microsoftonline.com | tcp |
| US | 13.107.21.200:443 | bing.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 162.159.138.232:443 | status.discord.com | tcp |
| US | 162.159.138.232:443 | status.discord.com | tcp |
| US | 162.159.135.234:443 | remote-auth-gateway.discord.gg | tcp |
| US | 162.159.134.234:443 | remote-auth-gateway.discord.gg | tcp |
| US | 162.159.135.232:443 | status.discord.com | tcp |
| US | 35.186.224.24:443 | api.spotify.com | tcp |
| US | 35.186.224.24:443 | api.spotify.com | udp |
| US | 35.186.224.45:443 | dealer.spotify.com | tcp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| US | 34.149.97.1:443 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | tcp |
| US | 8.8.8.8:53 | shavar.prod.mozaws.net | udp |
| US | 34.149.97.1:443 | firefox-api-proxy-prod.pocket.prod.cloudops.mozgcp.net | udp |
| US | 34.117.121.53:443 | firefox-settings-attachments.cdn.mozilla.net | tcp |
| N/A | 127.0.0.1:50506 | tcp | |
| US | 162.159.129.233:443 | cdn.discordapp.com | tcp |
| N/A | 127.0.0.1:50514 | tcp | |
| GB | 128.116.119.4:80 | auth.roblox.com | tcp |
| GB | 128.116.119.4:443 | auth.roblox.com | tcp |
| GB | 128.116.119.4:443 | auth.roblox.com | tcp |
| FR | 2.16.11.82:443 | a1962.dscw27.akamai.net | tcp |
| FR | 2.16.11.82:443 | a1962.dscw27.akamai.net | tcp |
| FR | 2.16.11.82:443 | a1962.dscw27.akamai.net | tcp |
| FR | 2.16.11.82:443 | a1962.dscw27.akamai.net | tcp |
| FR | 2.16.11.82:443 | a1962.dscw27.akamai.net | tcp |
| FR | 2.16.11.82:443 | a1962.dscw27.akamai.net | tcp |
| FR | 3.162.38.18:443 | static.rbxcdn.com | tcp |
| FR | 23.200.87.14:443 | js.rbxcdn.com | tcp |
| FR | 23.200.87.14:443 | js.rbxcdn.com | tcp |
| FR | 23.200.87.14:443 | js.rbxcdn.com | tcp |
| FR | 23.200.87.14:443 | js.rbxcdn.com | tcp |
| FR | 23.200.87.14:443 | js.rbxcdn.com | tcp |
| FR | 23.200.87.14:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.75:443 | a1899.dscw27.akamai.net | tcp |
| GB | 2.18.190.75:443 | a1899.dscw27.akamai.net | tcp |
| GB | 128.116.119.4:443 | auth.roblox.com | tcp |
| GB | 128.116.119.4:443 | auth.roblox.com | tcp |
| GB | 128.116.119.4:443 | auth.roblox.com | tcp |
| GB | 128.116.119.4:443 | auth.roblox.com | tcp |
| GB | 128.116.119.4:443 | auth.roblox.com | tcp |
| FR | 99.86.91.74:443 | apis.rbxcdn.com | tcp |
| GB | 128.116.119.4:443 | auth.roblox.com | tcp |
| GB | 128.116.119.4:443 | auth.roblox.com | tcp |
| FR | 2.16.11.82:443 | a1962.dscw27.akamai.net | tcp |
| FR | 3.162.38.18:443 | static.rbxcdn.com | tcp |
| FR | 23.200.87.14:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.75:443 | a1899.dscw27.akamai.net | tcp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | tcp |
| US | 35.190.72.216:443 | prod.classify-client.prod.webservices.mozgcp.net | udp |
| GB | 142.250.180.14:443 | redirector.gvt1.com | tcp |
| GB | 88.221.134.209:80 | ciscobinary.openh264.org | tcp |
| GB | 142.250.180.14:443 | redirector.gvt1.com | udp |
| GB | 74.125.175.169:443 | r4.sn-aigzrnsz.gvt1.com | tcp |
| GB | 74.125.175.169:443 | r4.sn-aigzrnsz.gvt1.com | udp |
| GB | 128.116.119.4:443 | auth.roblox.com | tcp |
| GB | 128.116.119.4:443 | auth.roblox.com | tcp |
| GB | 128.116.119.4:443 | auth.roblox.com | tcp |
| GB | 128.116.119.4:443 | auth.roblox.com | tcp |
| FR | 2.16.11.82:443 | a1962.dscw27.akamai.net | tcp |
| FR | 23.200.87.14:443 | js.rbxcdn.com | tcp |
| GB | 2.18.190.75:443 | a1899.dscw27.akamai.net | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| FR | 18.245.175.6:443 | arkoselabs.roblox.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| FR | 18.245.175.6:443 | arkoselabs.roblox.com | udp |
| FR | 2.16.11.128:443 | images.rbxcdn.com | tcp |
| GB | 2.19.252.155:443 | a1993.g.akamai.net | tcp |
| FR | 18.245.175.6:443 | arkoselabs.roblox.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| IE | 20.223.54.233:443 | links.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.125.222:443 | external-content.duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| IE | 52.142.124.215:443 | duckduckgo.com | tcp |
| GB | 142.250.180.5:80 | mail.google.com | tcp |
| GB | 142.250.180.5:80 | mail.google.com | tcp |
| GB | 142.250.180.5:443 | mail.google.com | tcp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| GB | 142.250.178.14:443 | apis.google.com | tcp |
| GB | 142.250.178.14:443 | apis.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.178.14:443 | apis.google.com | tcp |
| GB | 142.250.178.14:443 | apis.google.com | udp |
| NL | 142.250.153.94:443 | accounts.google.co.uk | tcp |
| NL | 142.250.153.94:443 | accounts.google.co.uk | udp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | tcp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | udp |
| GB | 216.58.212.238:443 | lh3.google.com | tcp |
| US | 8.8.8.8:53 | ogads-pa.clients6.google.com | udp |
| GB | 142.250.178.14:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| GB | 142.250.179.234:443 | waa-pa.clients6.google.com | tcp |
| GB | 142.250.179.234:443 | waa-pa.clients6.google.com | tcp |
| US | 8.8.8.8:53 | waa-pa.clients6.google.com | udp |
| GB | 142.250.178.14:443 | plus.l.google.com | udp |
| US | 8.8.8.8:53 | plus.l.google.com | udp |
| GB | 142.250.179.234:443 | appsgrowthpromo-pa.clients6.google.com | udp |
| GB | 216.58.212.238:443 | lh3.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.200.33:443 | googlehosted.l.googleusercontent.com | tcp |
| GB | 142.250.179.234:443 | appsgrowthpromo-pa.clients6.google.com | udp |
| GB | 142.250.200.33:443 | googlehosted.l.googleusercontent.com | tcp |
| GB | 216.58.212.202:443 | appsgrowthpromo-pa.clients6.google.com | tcp |
| GB | 216.58.212.202:443 | appsgrowthpromo-pa.clients6.google.com | tcp |
| GB | 216.58.212.202:443 | appsgrowthpromo-pa.clients6.google.com | udp |
| GB | 142.250.200.33:443 | googlehosted.l.googleusercontent.com | udp |
| US | 8.8.8.8:53 | addons-pa.clients6.google.com | udp |
| GB | 216.58.201.106:443 | addons-pa.clients6.google.com | tcp |
| GB | 216.58.201.106:443 | addons-pa.clients6.google.com | tcp |
| US | 8.8.8.8:53 | 33.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| GB | 216.58.201.106:443 | addons-pa.clients6.google.com | udp |
| GB | 172.217.16.234:443 | signaler-pa.clients6.google.com | tcp |
| GB | 172.217.16.234:443 | signaler-pa.clients6.google.com | tcp |
| US | 8.8.8.8:53 | peoplestackwebexperiments-pa.clients6.google.com | udp |
| GB | 216.58.213.10:443 | peoplestack-pa.clients6.google.com | tcp |
| GB | 216.58.213.10:443 | peoplestack-pa.clients6.google.com | tcp |
| GB | 142.250.178.14:443 | ogs.google.com | tcp |
| GB | 172.217.16.234:443 | signaler-pa.clients6.google.com | udp |
| GB | 142.250.178.14:443 | ogs.google.com | tcp |
| GB | 142.250.178.14:443 | ogs.google.com | udp |
| GB | 142.250.178.14:443 | ogs.google.com | tcp |
| GB | 216.58.213.10:443 | peoplestack-pa.clients6.google.com | udp |
| GB | 142.250.178.14:443 | ogs.google.com | tcp |
| GB | 142.250.178.14:443 | ogs.google.com | udp |
| US | 8.8.8.8:53 | edge-term4-lhr2.roblox.com | udp |
| GB | 216.58.213.10:443 | peoplestack-pa.clients6.google.com | tcp |
| GB | 216.58.213.10:443 | peoplestack-pa.clients6.google.com | tcp |
| GB | 216.58.213.10:443 | peoplestack-pa.clients6.google.com | udp |
| GB | 172.217.16.229:443 | googlemail.l.google.com | tcp |
| GB | 172.217.16.229:443 | googlemail.l.google.com | tcp |
| US | 8.8.8.8:53 | 229.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | dapx4swc8lj69.cloudfront.net | udp |
| US | 8.8.8.8:53 | dapx4swc8lj69.cloudfront.net | udp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | tcp |
| US | 8.8.8.8:53 | images-ext-1.discordapp.net | udp |
| US | 162.159.130.232:443 | images-ext-1.discordapp.net | tcp |
| US | 162.159.130.232:443 | images-ext-1.discordapp.net | tcp |
| US | 162.159.130.232:443 | images-ext-1.discordapp.net | tcp |
| US | 162.159.130.232:443 | images-ext-1.discordapp.net | tcp |
| US | 162.159.130.232:443 | images-ext-1.discordapp.net | tcp |
| US | 162.159.130.232:443 | images-ext-1.discordapp.net | tcp |
| US | 95.100.153.149:443 | th.bing.com | tcp |
| US | 95.100.153.149:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 95.100.153.151:443 | r.bing.com | tcp |
| US | 95.100.153.149:443 | r.bing.com | tcp |
| US | 95.100.153.149:443 | r.bing.com | tcp |
| US | 95.100.153.151:443 | r.bing.com | tcp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| GB | 128.116.119.4:80 | auth.roblox.com | tcp |
| GB | 128.116.119.4:80 | auth.roblox.com | tcp |
| GB | 128.116.119.4:443 | auth.roblox.com | tcp |
| US | 8.8.8.8:53 | js.rbxcdn.com | udp |
| NL | 88.221.254.67:443 | css.rbxcdn.com | tcp |
| NL | 88.221.254.67:443 | css.rbxcdn.com | tcp |
| NL | 88.221.254.67:443 | css.rbxcdn.com | tcp |
| NL | 88.221.254.67:443 | css.rbxcdn.com | tcp |
| NL | 88.221.254.67:443 | css.rbxcdn.com | tcp |
| NL | 88.221.254.67:443 | css.rbxcdn.com | tcp |
| FR | 3.162.38.51:443 | static.rbxcdn.com | tcp |
| FR | 23.200.87.14:443 | js.rbxcdn.com | tcp |
| FR | 23.200.87.14:443 | js.rbxcdn.com | tcp |
| FR | 23.200.87.14:443 | js.rbxcdn.com | tcp |
| FR | 23.200.87.14:443 | js.rbxcdn.com | tcp |
| FR | 23.200.87.14:443 | js.rbxcdn.com | tcp |
| FR | 23.200.87.14:443 | js.rbxcdn.com | tcp |
| FR | 3.164.163.90:80 | crt.rootg2.amazontrust.com | tcp |
| NL | 88.221.254.67:443 | css.rbxcdn.com | tcp |
| FR | 18.245.175.119:443 | images.rbxcdn.com | tcp |
| FR | 18.245.175.119:443 | images.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | 50.201.222.52.in-addr.arpa | udp |
| GB | 128.116.119.4:443 | ncs.roblox.com | tcp |
| GB | 128.116.119.4:443 | ncs.roblox.com | tcp |
| FR | 99.86.91.66:443 | apis.rbxcdn.com | tcp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | udp |
| GB | 2.19.252.160:443 | setup.rbxcdn.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | udp |
| N/A | 127.0.0.1:55386 | tcp | |
| GB | 128.116.119.4:443 | ncs.roblox.com | tcp |
| FR | 13.249.9.45:443 | clientsettingscdn.roblox.com | tcp |
| GB | 2.19.252.160:443 | setup.rbxcdn.com | tcp |
| N/A | 127.0.0.1:55390 | tcp | |
| N/A | 127.0.0.1:55405 | tcp | |
| GB | 2.19.252.160:443 | setup.rbxcdn.com | tcp |
| GB | 2.19.252.160:443 | setup.rbxcdn.com | tcp |
| US | 8.8.8.8:53 | msedge.api.cdp.microsoft.com | udp |
| US | 4.155.164.36:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 199.232.210.172:80 | msedge.f.tlu.dl.delivery.mp.microsoft.com | tcp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 162.159.135.232:443 | discord.com | tcp |
| US | 162.159.130.232:443 | media.discordapp.net | tcp |
| US | 162.159.130.233:443 | cdn.discordapp.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 216.58.212.202:443 | waa-pa.clients6.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 216.58.212.202:443 | waa-pa.clients6.google.com | tcp |
| GB | 128.116.119.4:443 | client-telemetry.roblox.com | tcp |
| N/A | 127.0.0.1:56155 | tcp | |
| N/A | 127.0.0.1:56160 | tcp | |
| GB | 128.116.119.4:443 | client-telemetry.roblox.com | tcp |
| SE | 2.21.240.99:443 | i.scdn.co | tcp |
| SE | 2.21.240.99:443 | i.scdn.co | tcp |
| US | 8.8.8.8:53 | 99.240.21.2.in-addr.arpa | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 52.252.28.242:443 | msedge.api.cdp.microsoft.com | tcp |
| US | 199.232.210.172:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | udp |
| GB | 142.250.180.5:443 | mail.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | waa-pa.clients6.google.com | udp |
| GB | 216.58.212.202:443 | waa-pa.clients6.google.com | udp |
| GB | 172.217.169.74:443 | waa-pa.clients6.google.com | tcp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | 74.169.217.172.in-addr.arpa | udp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | udp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | tcp |
| GB | 142.250.180.5:443 | mail.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | udp |
| US | 8.8.8.8:53 | signaler-pa.clients6.google.com | udp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.178.10:443 | waa-pa.clients6.google.com | udp |
| GB | 216.58.212.234:443 | waa-pa.clients6.google.com | tcp |
| GB | 216.58.212.234:443 | waa-pa.clients6.google.com | tcp |
| US | 8.8.8.8:53 | 234.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 8.8.8.8:53 | signaler-pa.clients6.google.com | udp |
| NL | 4.175.87.113:443 | msedge.api.cdp.microsoft.com | tcp |
| DE | 2.16.202.59:80 | msedge.b.tlu.dl.delivery.mp.microsoft.com | tcp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | udp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | tcp |
| GB | 142.250.180.5:443 | mail.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.178.10:443 | waa-pa.clients6.google.com | udp |
| GB | 142.250.180.10:443 | waa-pa.clients6.google.com | tcp |
| NL | 173.194.69.84:443 | accounts.google.com | udp |
| NL | 173.194.69.84:443 | accounts.google.com | tcp |
| US | 8.8.8.8:53 | signaler-pa.clients6.google.com | udp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | udp |
| GB | 142.250.180.5:443 | mail.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | udp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | tcp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 216.58.201.106:443 | signaler-pa.clients6.google.com | udp |
| GB | 216.58.201.106:443 | signaler-pa.clients6.google.com | tcp |
| GB | 142.250.200.3:443 | ssl.gstatic.com | udp |
| GB | 142.250.180.5:443 | mail.google.com | tcp |
Files
\??\pipe\crashpad_2316_QYAAZBWVATAXTMGX
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 1c3c4d0288e02e1941ff87b18a24c1b6 |
| SHA1 | 800ac1fbce80eaf25c32d4d1af6a885f6d403f0f |
| SHA256 | 95f19f5459806c2d4cdac0866af18794945ad0b49106f6d0d27a5b91fc39d2c6 |
| SHA512 | 940b3a35209b85d4d10e4442e3191a203a456c34f71dac0070804d680eb0a6fa13f9f7f5b1bb8d0b7303edb83e21cfcf3106014ee02fe90264fe08be16dde114 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1e0807659fc18839a1f8669acd1980b3 |
| SHA1 | 74f13e21f7ed876af1564934fca0a6ad6ccdf9b9 |
| SHA256 | 90e6011a2d37941f780eb2a192c9c2170d042b47395c25fe2572c8e6822c9e9d |
| SHA512 | 6c709764cbb85fc056e9e5ba33d950b6833fe07b353a0bbf85ceecff66d45fd8ecabb289d84adea9d3f17b3303c8f46a7284ff6f61e239044d9852c21a2d2591 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | b25c77ed3975819ca6b237e3fc498677 |
| SHA1 | 163332857707051137525e1ba719b102d513a1c0 |
| SHA256 | 1f04352b4bb26db72b0a182cd8b08d6d922e52b184aac2dc25988a303ccbc533 |
| SHA512 | 5f2e0a9f9f85eb7d14761760e2c1c3cded856bc4c0c3434f4c5d280c8806e3867044984b774d1608c0b3231d1911cedfb2e70602bcc944ec6e21a8adcebc4459 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 337239b388dad09360b19d2cc877fff7 |
| SHA1 | d353e6bf8d1de0cef0e10effc9258590df9ce5ce |
| SHA256 | 3182f0a7cd16b923693abec941235d0ec5c8b798e64b7b949b75e84d9c12a5c4 |
| SHA512 | e49bfb7ad8267b665c98527c51b48585e65057d241e48e1ab4ee2f2073b4ace31f7e52e8d98859e0ebc7ea28e39115aaebded3afed62de39bb6c0f3d307762e1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 46e6ad711a84b5dc7b30b75297d64875 |
| SHA1 | 8ca343bfab1e2c04e67b9b16b8e06ba463b4f485 |
| SHA256 | 77b51492a40a511e57e7a7ecf76715a2fd46533c0f0d0d5a758f0224e201c77f |
| SHA512 | 8472710b638b0aeee4678f41ed2dff72b39b929b2802716c0c9f96db24c63096b94c9969575e4698f16e412f82668b5c9b5cb747e8a2219429dbb476a31d297e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | fdee96b970080ef7f5bfa5964075575e |
| SHA1 | 2c821998dc2674d291bfa83a4df46814f0c29ab4 |
| SHA256 | a241023f360b300e56b2b0e1205b651e1244b222e1f55245ca2d06d3162a62f0 |
| SHA512 | 20875c3002323f5a9b1b71917d6bd4e4c718c9ca325c90335bd475ddcb25eac94cb3f29795fa6476d6d6e757622b8b0577f008eec2c739c2eec71d2e8b372cff |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 03e299c992d1fe3aa9119aaeab4e0e03 |
| SHA1 | cb78afe9bedb65bb8ef54c1dd660b13ef50967d4 |
| SHA256 | 455d501b70b8a3eae308fcbb24bb7bdb833a2b3d5565f8c3d7bb42796c6831e4 |
| SHA512 | 287dc47adf2300fd3f9e39d68acab5099bc35d8411a2c7de265beaaab6720865653f16d90c9b80d0b4ba52551a9eed4f7c257148a9065bac1eebed6c0b1b1a92 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 206702161f94c5cd39fadd03f4014d98 |
| SHA1 | bd8bfc144fb5326d21bd1531523d9fb50e1b600a |
| SHA256 | 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167 |
| SHA512 | 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 5f3ca659a7f57a71d41b43dc5b819554 |
| SHA1 | 97e87816902910a7f14faee174f3d09dae4e3d73 |
| SHA256 | 5bb1f7f6fcfd9b18e4ed73b712ef392607dba17c16e172089ed1730443cd336e |
| SHA512 | cb632c1b7c42faba552fd9a732fef835205660041310d5b4eb705b2e3f0660379f53f86c60f85c4dada9d319098150a2b67347560730c4dfbc3f882c5a1d46a7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 52615c72e603bb04c2f1f426eccdef64 |
| SHA1 | 2fa4c71ff7c6c041b35a892f1bd5240b62d84347 |
| SHA256 | c25976e545a7f9e2c8448c15abf31d07b56ce25360950fc04a082efc61bc4aa4 |
| SHA512 | 1ee746118cf2a2829fa091d8ebab2969dcdfc3499b7f0bcebeb7e598c4f43755a28d76cc34c4cc54157adbdc81e41d088169b206a135ba06d3f2bdd6c872b578 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000006
| MD5 | 1bd4ae71ef8e69ad4b5ffd8dc7d2dcb5 |
| SHA1 | 6dd8803e59949c985d6a9df2f26c833041a5178c |
| SHA256 | af18b3681e8e2a1e8dc34c2aa60530dc8d8a9258c4d562cbe20c898d5de98725 |
| SHA512 | b3ff083b669aca75549396250e05344ba2f1c021468589f2bd6f1b977b7f11df00f958bbbd22f07708b5d30d0260f39d8de57e75382b3ab8e78a2c41ef428863 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000004
| MD5 | 69df804d05f8b29a88278b7d582dd279 |
| SHA1 | d9560905612cf656d5dd0e741172fb4cd9c60688 |
| SHA256 | b885987a52236f56ce7a5ca18b18533e64f62ab64eb14050ede93c93b5bd5608 |
| SHA512 | 0ef49eeeeb463da832f7d5b11f6418baa65963de62c00e71d847183e0035be03e63c097103d30329582fe806d246e3c0e3ecab8b2498799abbb21d8b7febdc0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000003
| MD5 | d6b36c7d4b06f140f860ddc91a4c659c |
| SHA1 | ccf16571637b8d3e4c9423688c5bd06167bfb9e9 |
| SHA256 | 34013d7f3f0186a612bef84f2984e2767b32c9e1940df54b01d5bd6789f59e92 |
| SHA512 | 2a9dd9352298ec7d1b439033b57ee9a390c373eeb8502f7f36d6826e6dd3e447b8ffd4be4f275d51481ef9a6ac2c2d97ef98f3f9d36a5a971275bf6cee48e487 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000005
| MD5 | 56d57bc655526551f217536f19195495 |
| SHA1 | 28b430886d1220855a805d78dc5d6414aeee6995 |
| SHA256 | f12de7e272171cda36389813df4ba68eb2b8b23c58e515391614284e7b03c4d4 |
| SHA512 | 7814c60dc377e400bbbcc2000e48b617e577a21045a0f5c79af163faa0087c6203d9f667e531bbb049c9bd8fb296678e6a5cdcad149498d7f22ffa11236b51cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | b8e766b39d0b218189d9e345c32c93f2 |
| SHA1 | 55218837a66a2b98a59a540b5240cb46931eccce |
| SHA256 | 9129b358349103e482a081e381412537371b952d1fa657f36a60710d21942705 |
| SHA512 | 4eee1cd9a977f1866d2ca3e40585a65f2453eb202b4a25556af85588b15d6ebe1d463fcc3ed36dfeb35cb0c0eb29bfdbb297ec8f81aba4de0a004a150adadd63 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | fa7989de6512821bd3b26bb6ba9240c5 |
| SHA1 | b9e45a08231f7376388b9616fbc6e5c7c02d5561 |
| SHA256 | c8f55ad1f022d5119617ef3af0024880a3b7488076e3138aa35ed1d929b8a9c0 |
| SHA512 | e2e823c4eabdf75d7cf67c8bf0374f53643a96e2e0055a28e69b5e9eca9d380b3ba33ba7d30c108dd354a99f6ea76b961899c3fdeda22026b647b70cf828e62d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57e86c.TMP
| MD5 | 13ab8821139233df6f0586402f69d306 |
| SHA1 | 77ee4ff6864091fcd85bfa339f4cd6b8c950ad0f |
| SHA256 | 247fa03e6357f7794a252857a42fbd75222418187030a6345270c3892ffb8a99 |
| SHA512 | 79695b731f034eafd2560c8149f5d873f52b108073220313cf29b0831eaaa07d82503cb5515a8c4cc0398b167aa6f804965f46c70aa6d270bfd644fc3c33f0b6 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\datareporting\glean\pending_pings\c44c8399-ac2c-4ab5-b492-b712a4e6b819
| MD5 | e02b562f8bc0a9fb63ec4485933c297c |
| SHA1 | 562209157e47b0daa5a3243dd63557e5de1aedb3 |
| SHA256 | 81fc62f31e9476ba021cacad2f198f0f436e2c643fa522c91712aa05d5f0cff5 |
| SHA512 | 0d5aaaf882d9930d5812ea0b4fc8457cf314aaa1a55a5a61efe91d547f0cbbe53c3abcb757a566d54e5d635636b1e400e4cf128aca948313d1bf1709dc281326 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\datareporting\glean\pending_pings\5747bc9c-f703-45ce-bb1f-16d915ffc015
| MD5 | 200b18ff3cecd4b37f9d2fd5f2adb4bd |
| SHA1 | 3244b57dabf6924419570da669870353bc00483b |
| SHA256 | d09cda6d5ee118539d69e350b859e9fd3e64e9151e7b115fd0b7522532e05b74 |
| SHA512 | ca86dc585b97fc2513bf16d89b3544109f5f0c740282af933a2da9908cbc8e8839154bdd22e6abf34623c683b53b97914122533bad4b4349be1c88c22898930b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\datareporting\glean\pending_pings\07794be9-26b7-4272-a62e-9a1369c17dbb
| MD5 | 6685501ac5d8b3e0f4a5f0a750d43cc4 |
| SHA1 | a8dcd0d2ac9a054099916cfc176ae73106cf30b7 |
| SHA256 | b79b195d81c6142190a6f955e05029b59798289a5f94eafd19595530e4cc78e2 |
| SHA512 | 0f284d3558b6aaa299084e23a4ebde8f91656010d019157550e87646b84c8936860737f405a8314106c9f2484a15cdd3f3417f91ab7408c67ec80f25b628e124 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 325f17f2e27bba86a082f38a8bdad8e2 |
| SHA1 | 3456e7c60b381e2749939f991312f8a4693563cf |
| SHA256 | ec618f13a32624a907db72bffa71f3db85443df65a4a3abd4b7aad0df12171a6 |
| SHA512 | 55c5dec1bdca71f902486bd3a4ff2cac20131ac9d534f2fd6771742f203da81b98dbb70b0039a0e1e7d2b24bfb960b896674b52371b1baac95c5c0a2f93e0523 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 8084948b44e5728b220fb5f5a9d573c3 |
| SHA1 | 6ca7c1f67b0de1953282065ddf4b21b880fb75c2 |
| SHA256 | 1e408b5dc2cbd57e9c4f526ab401431c3f94f16775a7ad63d6cfbe461c393ee0 |
| SHA512 | 15dc99942dbf85b72e59df9016e5b2293f44dada4d506f2a3c58688c47914da552f6fa55b93592d1fb2ed8d550615ca8d9326caadef91c402e6733c8663904d4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\activity-stream.discovery_stream.json
| MD5 | 1509b64f333e3b91c5ab9d0690017c5f |
| SHA1 | f6be8a3346add5024d7842b8583a7025a5963c8e |
| SHA256 | bd0f28d16eeb702d4d4b8ed5f60497454a850394baac23a06279f8f9fd65d3dd |
| SHA512 | 97bfaa9b7c9b2f8ac7c29957e455f4a46aafe62e2f6c0f666c0ef68c92ddfd6aab92d29b70c00dd432fa6cd124b58d1bb52914ca4ebb2d54d625eb6947f61c3b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\settings\main\ms-language-packs\browser\newtab\asrouter.ftl
| MD5 | 96c542dec016d9ec1ecc4dddfcbaac66 |
| SHA1 | 6199f7648bb744efa58acf7b96fee85d938389e4 |
| SHA256 | 7f32769d6bb4e875f58ceb9e2fbfdc9bd6b82397eca7a4c5230b0786e68f1798 |
| SHA512 | cda2f159c3565bc636e0523c893b293109de2717142871b1ec78f335c12bad96fc3f62bcf56a1a88abdeed2ac3f3e5e9a008b45e24d713e13c23103acc15e658 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\prefs.js
| MD5 | 15e8bd0ad56e054e57f7f20b8176ee31 |
| SHA1 | dcc5315526dc6125db111966202289792079ff1d |
| SHA256 | 9a61eccc5497fc76f30c9c3a7512a10779025319644bd1938c2b977bc07196c0 |
| SHA512 | 82acb460dc189c084f58ba7b2b6cdac12015c2c080b340ba408203d6ab91aed0bc7ae281117e9d8b4e02b337c8dc6c3036b847b097776c90201b9c573fa5a71a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5b0abae7c8cf4656e612ff22b413c954 |
| SHA1 | 73a2db15047139ff8079a0b3174da09c5b345e66 |
| SHA256 | a0db3cf64deb76d80f401a226f4bf3eaea7d6fee31ae22bc90ce15986c1428a6 |
| SHA512 | 9c454238165626ac6b5b538761b3d7abef39255a15b3aa41f5848a420c54f100d914e96c62b50fa7e4b31e9eead7bed7099fa3d2befb3ed4859d1fde1d226737 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 5d0a485c6575ffa77a45a9789921f9f0 |
| SHA1 | 207468b870c413099bb675a3e162346ee2d417bc |
| SHA256 | 728b08f74ada44e54c1b8c28beb43047e7f2c34e6abf27484626975807a5a17c |
| SHA512 | fc94ec23d20863fad9ac2e97d919efb4d40bb9a914df7ecaeb063e6284cb008bb5ae1ec37eacc25aa3ea706ef1f00f769632314bfd5ff615b4dc217c3ebbc279 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 33c67ad24188082348438411dcccf165 |
| SHA1 | ed2c66380d3a0a5353a8251af04dc444fb5617e0 |
| SHA256 | ab98de9689da2566acd887ab9ac0afe030a86a013048a1e13e0fef8d07c57272 |
| SHA512 | 45c105e840a7ed7065211fe2b1b112b77bd5ae323a97830fd6a75308f3756bafec61680dbd9667744c5bea0308b14f566f7afb8305a18e858ac53c71f77f755c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
| MD5 | 960df670fea52297ab0303018e4d7e43 |
| SHA1 | e09a58b064676941af445c5df96e42f711d46289 |
| SHA256 | 200db4c1c1c006cf407b7d0eed19e649c72676e991c46f1aa05c7bffa765a7c3 |
| SHA512 | a5bf6553847b25c3fedb7b0b1b861109f625115c5c66cd52c9545a2d3415e4b5b24ba6a46b501d7d4a734a61e8083732c092bec4ab8b53092de6f75799f4f9e9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
| MD5 | b463bfdbfa7fbf50add69e1d761bfa60 |
| SHA1 | 911d721c5ee4d2963ebdf055b2b4f56142bda02b |
| SHA256 | 125dc071d0e954e44aa7d8ee178921f366fbc5d009dd9cd8f37959d493ab5275 |
| SHA512 | 71bd6c615197ee0790bc82732dba6e56ec27f9c3486568c0428061e4b8b09c2eb34c7faf23521b354e8423415942eb60df054ff272b7b48adcc0bb190b1fa467 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History
| MD5 | c5adffc150f99f75f3907ff925d0c94d |
| SHA1 | 5ef641946644072036dd460ead201071f5bba717 |
| SHA256 | 296aa1299b5dab6d4c3ee427985dbc916325f9fcea900bef93334c9a424e015a |
| SHA512 | ea6b38bcec0c935073c3e8ada17f46cef282cc6e6fc50329a13a330d8c8007b8bd95e84b36906db4fded080184e722dcb3cc2b82841e9788c9796f150a75a9ca |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\CBB3AF37072E075C70D6CACBE827A43A2FA5106A
| MD5 | e13fc880f013c78e3a4c82497c64fef8 |
| SHA1 | ebfd55a0765b8400a70b7ae92ab24ca8ea93ca95 |
| SHA256 | d2addb21cb500df3375839b5925e2638139a18075beab37b3897420cd67b6a98 |
| SHA512 | 96f0ffa9071820147ec9f577dfa8c71b29d4679d186db2b93db02c7c35be542f7be3446eb991399a7152fb09ee27e95b39b17a1b02227c53c3916b2e979502a8 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 14ef34fde0408a2d586f0ec841b910d3 |
| SHA1 | ebf0c2cb11b5731d4a42c042da4e08933e51f7d9 |
| SHA256 | b5c4706da9859a0db1c147fee02be36aca2e3ba776d9dbf4f198bb63a086752e |
| SHA512 | d38fb143735c0a5c5d5481be639c6e50fa2f435d12b7374e61bdb406669c83d5644877ff636a2105257486a3dbc84e9a5ff32a81f3fb2de8f566b1b1dca9e54e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\prefs-1.js
| MD5 | 0d7f12e5cc079670ef4330eaca01d7ce |
| SHA1 | 1be06a6f51363f024abb185684bbd292183073db |
| SHA256 | ce6b549ac6e827f0cf417300b08a12470da0fbc23f8fb16641ee242b639d5060 |
| SHA512 | 7c4546e57e5bd44cadaf05d3755688a350ac0b7f6341fb69fdf4b6b50571e8cfa47350b824e841d766cdd271e5c66df85353cfb108bd4231ae0177c2e03ca60d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 379f362a759525e69bde7136abfb724e |
| SHA1 | 94e91e7f1dcb1eb55c63517171aa11b41dbf30cd |
| SHA256 | 5ab60bbfe03cedcf0cb70680b8bba004d6a1b868688c7c148ca1e609ae018613 |
| SHA512 | d88fad5429191594e12f2b6e3a64712cadc82de12a2b5d3ebafb40146d0b3cfe14d1abfafba22a83e917b529871086dab3f16fea3fdc41eaa65f19328f76a33d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | ab9368f1b5f1126d245aee76179b5c86 |
| SHA1 | b4961b3fb5105d31cdfb958ee13a75aaf1e72c98 |
| SHA256 | 98ecc104fd437d0979e1bff83c8eff82104f80d9a4ed988418573c1da28de498 |
| SHA512 | 7a2b4785759b33b016b940bb941e6d3ca003d9e8dc9e9afb22e7eefc9bad135b9da3e68653678da8374f926f3e5407443081796b5c99634c27258709400d6821 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon
| MD5 | 09372174e83dbbf696ee732fd2e875bb |
| SHA1 | ba360186ba650a769f9303f48b7200fb5eaccee1 |
| SHA256 | c32efac42faf4b9878fb8917c5e71d89ff40de580c4f52f62e11c6cfab55167f |
| SHA512 | b667086ed49579592d435df2b486fe30ba1b62ddd169f19e700cd079239747dd3e20058c285fa9c10a533e34f22b5198ed9b1f92ae560a3067f3e3feacc724f1 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.info
| MD5 | 2a461e9eb87fd1955cea740a3444ee7a |
| SHA1 | b10755914c713f5a4677494dbe8a686ed458c3c5 |
| SHA256 | 4107f76ba1d9424555f4e8ea0acef69357dfff89dfa5f0ec72aa4f2d489b17bc |
| SHA512 | 34f73f7bf69d7674907f190f257516e3956f825e35a2f03d58201a5a630310b45df393f2b39669f9369d1ac990505a4b6849a0d34e8c136e1402143b6cedf2d3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\gmp-gmpopenh264\2.3.2\gmpopenh264.dll
| MD5 | 842039753bf41fa5e11b3a1383061a87 |
| SHA1 | 3e8fe1d7b3ad866b06dca6c7ef1e3c50c406e153 |
| SHA256 | d88dd3bfc4a558bb943f3caa2e376da3942e48a7948763bf9a38f707c2cd0c1c |
| SHA512 | d3320f7ac46327b7b974e74320c4d853e569061cb89ca849cd5d1706330aca629abeb4a16435c541900d839f46ff72dfde04128c450f3e1ee63c025470c19157 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\prefs-1.js
| MD5 | 8ff9575d628c941590cdf13067c2e3ac |
| SHA1 | d8a6dd74552c09cfb57331027fb4d30716e260e5 |
| SHA256 | ea53ced1179e4cc6b7599251894ded0d54d8d59b18ff72ef147e48837d3551ab |
| SHA512 | ae1180b7e76f44cfd03d0a248d20b0738c59199a6183ba1f42568f80a17e904f105eb09eb3f1d437e55ab76529721582ffeb1b194396118fefea1dd88fe35af4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\AlternateServices.bin
| MD5 | 6dae2a91dae10f49be0969a78f79f09c |
| SHA1 | aa0013ec0fbad138f447be7a42c5824ca2645c20 |
| SHA256 | e17fe75c616741e5870fe18c34a46fd00f1f51f1ca4f3e94047f6d6e1b001ed6 |
| SHA512 | 73a4e08ac5035c55232fa045f02179a68563bccfaeb4d588abd4a8bb2b2a413d00e34897d1115e8a69aeac6aae219e661e4eef6a984e1c3a81618e93b6db60d5 |
C:\Users\Admin\AppData\Local\Temp\tmpaddon-1
| MD5 | 0a8747a2ac9ac08ae9508f36c6d75692 |
| SHA1 | b287a96fd6cc12433adb42193dfe06111c38eaf0 |
| SHA256 | 32d544baf2facc893057a1d97db33207e642f0dacf235d8500a0b5eff934ce03 |
| SHA512 | 59521f8c61236641b3299ab460c58c8f5f26fa67e828de853c2cf372f9614d58b9f541aae325b1600ec4f3a47953caacb8122b0dfce7481acfec81045735947d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\gmp-widevinecdm\4.10.2710.0\manifest.json
| MD5 | bf957ad58b55f64219ab3f793e374316 |
| SHA1 | a11adc9d7f2c28e04d9b35e23b7616d0527118a1 |
| SHA256 | bbab6ca07edbed72a966835c7907b3e60c7aa3d48ddea847e5076bd05f4b1eda |
| SHA512 | 79c179b56e4893fb729b225818ab4b95a50b69666ac41d17aad0b37ab0ca8cd9f0848cbc3c5d9e69e4640a8b261d7ced592eae9bcb0e0b63c05a56e7c477f44e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\gmp-widevinecdm\4.10.2710.0\widevinecdm.dll
| MD5 | daf7ef3acccab478aaa7d6dc1c60f865 |
| SHA1 | f8246162b97ce4a945feced27b6ea114366ff2ad |
| SHA256 | bc40c7821dcd3fea9923c6912ab1183a942c11b7690cfd79ed148ded0228777e |
| SHA512 | 5840a45cfdb12c005e117608b1e5d946e1b2e76443ed39ba940d7f56de4babeab09bee7e64b903eb82bb37624c0a0ef19e9b59fbe2ce2f0e0b1c7a6015a63f75 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\storage\default\https+++www.roblox.com\idb\3140325527hBbDa.sqlite
| MD5 | ad17f09df41fe652215f2ea81b8e2005 |
| SHA1 | f654dd9c0e1da30afadee6e3809a2dc0a2e818f0 |
| SHA256 | 12efddf332e332cbd374d668282cbf5c86071778332cdd8f2595f5964ce0248f |
| SHA512 | 394fd53dbe8e90a942c4812f21c483a97caed7b2d39321f770442e1a2ac25fe726f07596b70af6565c8741e1c02ff284e44d237f5ee8d5aef05ea56141909ab6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 6048d12fd1e326e90c9b0e1c710eee4c |
| SHA1 | 7dedb32380f995f12e65c45a12ef50f51a993b27 |
| SHA256 | e6c5c6f65573ee1f3c667a7618a2dc1ca06e549ce73d536de142c766f0c3e9cf |
| SHA512 | 918ffa4a1c18511649755331be13ecc43dc23ac37a66f3df4d1ccb1234c4c30fbc1c85de045d4250ba304a3fe554f42eb1317d2c2f41623ee8fb99dafbfd811b |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 2bd7fb2883b4ddee5f67885f2b9c0b9b |
| SHA1 | 866cd6fefb078af3a1315510307867513109b220 |
| SHA256 | a113e586d4c49f4f376e91d0f3ebef88463dea0151870e7c2a10ec8e9076e60e |
| SHA512 | c2605f6611e7aef1a5582f818fb95879e4dd1555965d707acd90907aeebd9a3314fef75fad09275237ca25a7291ae48ad9b365a344ccc3b2a11a8a2e607e32c4 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 20753cae506a2395adbb83dbfc858167 |
| SHA1 | 2ce6dd409b79a731182612d008213de574ff7bcf |
| SHA256 | 40839f5485e74beeb00d2ba53ab2f2d75ce42379024dee9f3b913cfdff368e44 |
| SHA512 | 42f0e5ad992cc055f307c538988bacaf6908ed9f3e01eee975de7c88081ade9c578be33cf3027099c5b71b17b774318db11ffed7140af2621ad4bf133617dc87 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 119621c62d5bfb061a85fb366a1bea70 |
| SHA1 | f80056ba9e49fd2a46daeed37d14b168e29435e2 |
| SHA256 | 9b0c3af3623d75e8b43cccbdda9b7f4bc0deb00c9aa6a94d82e389c127943e89 |
| SHA512 | 282c1c7b9b26461388404792f14ba6a4165b5514cae186b9cb61066e4bdcb2964ad8da381d1280cba73577158b6bc18e581661728e69de40b6909df6c9e84760 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | c2c85152ae6bd8e260ab1bedbc277317 |
| SHA1 | 1715b19256525a5455d33caf7ecbf6438d79ad55 |
| SHA256 | 5a3a0b4ebaa054da2685335c423298a10b0b27b68a378eed4b11f28a66e6cb31 |
| SHA512 | f7bd45b248aaf69e1e4b97fb52aa69bfec9ea0822f787f207f8e653d90718ce72ad255b372e8258bce4ff6ae4e807d5a0b52a10f18909351302fdce0df775f44 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 100ca5fc70446318e2d5d42ca5b6d5a2 |
| SHA1 | 33ecd7bcfefc49eb7b9b8a85e75af710b3076c7f |
| SHA256 | 778ef9f53b9bcb25feb025907d19f27751f797608ded63feab784b5ebe04ff98 |
| SHA512 | 5f30afa09e746b194cc387e140872b477f16552023285aad39c8dd7e3ae433bf3959f9da868aa70940e808421d7beb7300b601c516f7ee6b4cf79d0119a9513d |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\SiteSecurityServiceState.bin
| MD5 | 7a07b36024268d874781858793db1386 |
| SHA1 | 0509316ce8d9a031dda63604e7601f90e3057841 |
| SHA256 | 32c189f63652fd0813df86485d149616b0204bc85e98f08463cde02d5c9c59a2 |
| SHA512 | ed89835356e8826dcf4ae35a232cede5205a3ae91351b141b47e0b078729a517554216f457181e6e8a55424dc4e861d364dac20708fc0b2a5e091bfef9da952c |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 1b956e40af0c285d8f27db5578a7da4f |
| SHA1 | 1c4293ea99fcfb69da0d1c870944c00657c70dad |
| SHA256 | dbd4a37d8d40ea178102505d6bf00b120887aec8e7d15529ced7136cab93dfbf |
| SHA512 | 0226b7451272638815df6ed1d39a4cdbd93214f9ac36f76b88ec4c512ff34a83041be3ed79d21191b47344fc8e6942ed205dc13e580506b04dd6193b3dd0e3f2 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 5e37018867415850ea9126b5bdebb186 |
| SHA1 | 0d2f0e15cd9c32eb32669d89b5d41fa61226e18b |
| SHA256 | 45cecc67e9bc13212b53b325ae149294b7d63480f08536077fad110d421095f3 |
| SHA512 | e537d4a6d84de6b7d072517768b94b536a24e860d3cd6896c4627c9728dc2eddd0f9b00cbe349e1aef5aaa87fd3598b7756092ed10b282befceb51a842476226 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 2ff79729d5e588eea13e241257c7c754 |
| SHA1 | d27b90efcacbf41010430ab02d8033c0450fc146 |
| SHA256 | 518c88ba5f3fabd6cd27bfef4b6607c09a8762490b21bc9969cf3cd2d9a21179 |
| SHA512 | a8ca9165bcf9e5b094ec8d29689c09bb80349fc8b2314c145fa373a426de526b7bf36b5602cfdd5404b10365d3f9e7933fbb35a506b3ab805649d3415f6f6ce0 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\36BCFA23A4D04A528CE70EF12214E3995E132134
| MD5 | f6e9c56e14203b8b6da72d6123642229 |
| SHA1 | 99a03e8b72efbf57b67f786e19eb1b31ba254779 |
| SHA256 | e937390e0433a90bc79816fe22eb62241e1fe31475fc1faadead55231156ffc9 |
| SHA512 | 156c305b3fda44c17d4f6ef3339e25d1ffe3bcb55c4818f2fc50130fafbc55c163c3cdd95802b31c8d1fee0958f8a2ca688bf9903989e4ed4dc52fb5fd85660b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\B2321E3F9DF86CA98AFA3C0508B0DB4289FBCFC6
| MD5 | 2235f9d5e6b0950fe02e0e713c35e118 |
| SHA1 | 3f37f37d2855bfc94ab70d0bd47262f993b577c7 |
| SHA256 | de247ca02c04887c4f51e81d8741a7b1cc559c365db2f305ba67520901e3aba4 |
| SHA512 | e40686092ac8273cf10647ebceb70fbb7e65c8f77616451539e812178b020e5e0837d0b15e0958fae71f25d7e62e88e8fee7fc5e265ee002624ca18a86b7286f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\B5D9B00549A67C5E8FDA11F8BBFCECEDD00925E6
| MD5 | c41db39d57e9553e69a4b061e293deff |
| SHA1 | 741dd94557720d74cb2b569c6b6700a96681f1ec |
| SHA256 | 50ea88f9c4f9de483a2cbed3dc18fd818f473bcaf5f4e3c09bf1c888150cc210 |
| SHA512 | adbfdeac544629c3af70f771ffd809cbf42d5cdab5de7473fe07644eae100c4144b52d6564183046aa68c241d468ec2f034dbbf3f6bb489d68f88ddcfb41b47a |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\3880E07D7216EA6B15D621AA35EA5FA1D0B4B5A0
| MD5 | d7ece842471011d5138a80e31fe4e7f9 |
| SHA1 | d16371f2a9b0009199a0f450844cf07ffc59204d |
| SHA256 | e54e041343d1d83c44e04fa48eaa9284ca44898536029c2b08010386e0aee118 |
| SHA512 | 08779d44ec88ac8b5d2c1ffe29d563ee8caf3b0a726a0692eae330c3797e2b06e4efdf63e466edf48171e65cf1d83387d36083ac3d95c5624e6faaf58f7e1627 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\1AB33D663B69F4F748A08F27D06DE9DC07B327E9
| MD5 | 287b4dda7d3d34758e3684d310cc9429 |
| SHA1 | b6c291a1325fa69d9c1f794b5f82ea4df1eb1f3c |
| SHA256 | 2b1fc12f07276ffd45717b49d5bc6210bee7f1ae672b9aa4caf769cf981ca27e |
| SHA512 | ddd6e08799d3d022beb18a375293f1dfc98ba18c5e2e676eb08f553f5dbea9043c96915d036f056538d4667b5a48324ee32a9d4e91ab80246edfe336f91c8018 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\F27E0CDCD1C7E6F6CED7F2BE71ED722173C6CCAB
| MD5 | 4bfae5eda831620ded7c76f63f0778a8 |
| SHA1 | 80b87a62e771c9fb4649dbd3600ac8a95e54a3a3 |
| SHA256 | b07e27db339b1ebd54c7c515dce0b0b4dd9cb59343d107377e56bd1f09d27a46 |
| SHA512 | 6275abb07b36823dcb4770edf088f63c3e68da5e47969e5126d788d3993dd286870db294ccdf6bdf263d12e7f194930c60242bbb2528f0978919cb1e7831d2ab |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\4F0A302E303A8A3BF5615AF7B227BE05EFCC1BF4
| MD5 | 57ad9d46aba1693e92ca57bdce8a83bd |
| SHA1 | 74c7c7d319d1fae42554107cbdc62a257e3de2bc |
| SHA256 | 8dcbcbb321caa0f20fc755cc68be72ff08b75d8546019ea8b564ebb0fd573f3e |
| SHA512 | 2758843ee6effc8de3ed72e5aef64b36032f72d3747fd4b671857f62083af48396c4b5aa495b5e739565a48e5d00fea7f546ccf5534baf4bc6295285eda9a120 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\96A0D2F1C4ECD10450EA183542E05ADB3BBB4257
| MD5 | b29206d226377e0e5aa34561e62c026b |
| SHA1 | 88ab7fce61683a3bd61855546ebbfecd23b4305d |
| SHA256 | 9b6ad8a0127d3387c45994029cd9c317defb0ac082eb15246b954a20bb1c78ca |
| SHA512 | f705c53219afcc31cab2c12e3f3db0e5f580ae19af78ee26363179941c42ddd8948ebe2cd6c7c2fe20a89c722bc33812c16125a0024177b757e73ecd24d6de63 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\15CB1DC9BCADD0D8314FC7C7BF5E02774D2AC20A
| MD5 | 25cb0832fbd49f0a4d4546a348ef965c |
| SHA1 | 40d8ea6d044de49e2aa981b03ebb34a9be544b84 |
| SHA256 | d5a723a95d41cae8e60536cea1c4cda1186483dc62c4103a0d265476ba5f2774 |
| SHA512 | d67ae67fedddc8fc2fc8e9ba9b437fbaa2f1301b4b0ec5b5f4f5fcdb515ad54b914b3fbf6fd28c4629e95617d1fdd23f9d1fb4527c7b763665b233805403c330 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\691680DE655A62653643DE337423E895A6C63C79
| MD5 | bf4e2a284696052d31b39947239ef92a |
| SHA1 | 57c5ea7b8e8c5f6c0a74c4df7c11518d304b6bb9 |
| SHA256 | 89529c32ca4658453a82f8a9380f0f3f7970ba981d0fca6a806869ef3e7cd3ee |
| SHA512 | 03bc00a8b72034a1150f57976432f35750e0576209510c898906888bd914b7a5b9b249cc62bdcd37de20de850bd12add918131041e038acbfdb6544794ea887f |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\7D2EC7327A9ADA22C9789720F397B4A592649EFE
| MD5 | ab59a213a9a5d9932169411cc64bee95 |
| SHA1 | bbee24593c1c926a6c255d33dacc65ab301595c9 |
| SHA256 | 7b3bd86e7f884a6776e2770813a6221a72a34c8c3bc2cf3b5d7882d2be608248 |
| SHA512 | 78215069e2e58702d608e0bb1998b6ab9769cffc5c689810a3481e02681c41a85c3262f5c56e33b63218d22f77f8aeca37b220bfb4be4d334005842082be7f21 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\55E5E6FB4DA0D621CA2B27FEAF7A867987DF935E
| MD5 | 762817208f0bca2ed2b462af440eabda |
| SHA1 | 9077cc2d9723fbf0f4c7f6ae4fc83da08dc3da1a |
| SHA256 | 2afee3a9928dffbcdd79840b82dcef12bc26223c4bfb6675b1681e55006df939 |
| SHA512 | 229fb378349102054f1c7a9be5f88291a71bbdeff308a4a9f1331be91b5d84d688a697e6002f2b8cc7bef2252a47c50eeec7544b307da370015a38e643567ad8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\9111D6B1D65E3DC8DF87F8D14FC15CD1A4FBFFCA
| MD5 | 147e43a4aa1a2870ae786c119701cc30 |
| SHA1 | 7db10c7f73beb74f3e571c98d5636565d3c2508c |
| SHA256 | c9906214f189029af59a203fd277ca3f03901b9b44ec7d303fd778e352a5bbec |
| SHA512 | 05754f060808c3a193c47193c4c12dd44472d46987be15b3fdd87ae2de31bbb840f7a7677cb3f18f8bab6111224e9cfc10cb33da33221af88f5410fae28c60eb |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\BE2D3D60C4D6C94AEDAA7868122CCB76EF5AA608
| MD5 | a45d4eed38410f8911d8af9c3d821840 |
| SHA1 | 6320a12449d52c1653a9578851e0996f6e8693c7 |
| SHA256 | 407c809e6b8d16a20cb0f9f82448810b4894451321c88b93c599c8bba359a54f |
| SHA512 | d490fa31c5f3af724822a7b81f3fba48ad2138080c6faf411ce6e139a4d966a9cb879fb51c47fb00a76d0c7438886b2be1462c71886e14cdc49765a28e8bd3a7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\C68D52241DF17C05E063A681668CB14188760D95
| MD5 | 26462e7d5635e4b3880a4680260025c5 |
| SHA1 | 0bbce012372575c8becfd5431b4453287bedeec9 |
| SHA256 | fc40dee8159f9d374e4cfb318ef09c33775ceb09c1423c142e92ec3a249cfde5 |
| SHA512 | b3f7df94ca65f8356ea7211575c744f38cd492cc8f2739e3ea5bd3d643c8b84af90fd4902c656360f80a69cff90640361e1042e58d5b64e544f276183d7f73e4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\23D7ACAEBFC24DBA9041C805C4C89DF006351EFB
| MD5 | 7c46711b63bd04d541b57250fc52efb2 |
| SHA1 | 1c1fa2ed2a0ea8faefa44b3d53fc4f6b03f5b177 |
| SHA256 | f94ea01813a3abd377470346797b037e6ef68995d6fa9b2a5223678d661b5152 |
| SHA512 | ba38c5efef44c5f2a521df208d3fd0912b514c726dc0ad602c3cd09ea990959f86645128f3470dabb8907f1aa14623ba789173a3a392549fe3271253057c3f85 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\357EE03C3DE8F75A63C2014036B2431C1AC8CDB1
| MD5 | d06abec1ea8d8026ddbfaa98f1f89331 |
| SHA1 | f6fdfe0f0376761a1027557099f3f71eec964f94 |
| SHA256 | 7f4ba6cb3090f4c37b7f94e82410394bcf8973845446a99cb8a71a13e911424d |
| SHA512 | 16597995e6d1c38b2357bd04558cf9f394bf98ca3dcf47b48449ca602cae5b97c77584f2998188b49b0e0dfb821a1b2cbfa8dab6f487dca4a4bd43f21e04c4ec |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\37AAE6F2172EBB8F25AAB227C7FE49403DC4BEA7
| MD5 | b173f56ac50f98a16719e4009650d965 |
| SHA1 | 4e531825e1c82d5f26b3c61f21f327a1f2e877eb |
| SHA256 | 0e93cded38b03deacee80601fc1b2e7c191bd7b2808a5925337411901fdc009f |
| SHA512 | 9bff4f7c3802c530230e321b9d329f1bc6f4b28f1907d2e751c5e8a4b62644c6a3a5b090c20e89b4296cfb357ca23fd68f94934fa5231f54f1786e72c6e897f4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\BD78485C28EFDBA59DF992B8A5CDC34D177325C3
| MD5 | 805e874eec5d01a6ffeb42595eac0efd |
| SHA1 | 4f1dca05768c89ede40ea9a7e321ebb0d18f9a48 |
| SHA256 | d162e4b2291859c74c2f1f3a3654bb94f285d02d8e65616d89e7749509f9be24 |
| SHA512 | 2f8120ab91566f57fba2c7c1c2d10f2ad1a9967428fea8784b74b433554b62941fe8f46e485da5bf3904b3f0bdfb85b2161be6af479fea893028095a65a0d26e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\F430A59B10E951FD3D750F57D5D290E363216E7D
| MD5 | 541343449fa64d76bc88b3fb9032c32b |
| SHA1 | d355c3e3fe1054ec0a1c62360bef09d0cbb3fcff |
| SHA256 | cf28f36782fff0c55429aa359dd1df6cd0f7e9e1eada452e142c9a957f3b5599 |
| SHA512 | cd881dbff67fafcf6b1270ebced7f4b99eba7f067e3d2a11b226b8455556398ca78cac3d4f3edd11753ae17c6981b9877b297667f136572982d349de13056e26 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\903E00CC0EDD76D57ACCBDEC95CE0B3E8C2B9C11
| MD5 | b9ee6210afc86e29f2d5e147f7730616 |
| SHA1 | ba15ce8b2238d9dea37793c61547cac47bcca6f5 |
| SHA256 | 028e5c25b039c2a8d6e83567a9af9c011c9305dcbe1feb87568b6b9cceb34233 |
| SHA512 | ebb8824a84e56cb10a978e56c7e4b5f9e4ebf6492205b8229a06d07b65bf66ee93c371acc07543f56e44461fb1664718b85c2bc5d2824a1baa4d859118f9cfb7 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\971E1369139A2D741CB4AEEC3C5501EFC6E55795
| MD5 | b16388d763252b766dade93195404843 |
| SHA1 | 0ede5eba5317b4a6fe8117bf0d23ae9f804cd622 |
| SHA256 | 5c3e231215abac8f4d6799bd2f0978d4141d685c9762a60ce46c2d563d1cbf28 |
| SHA512 | 3928705d828d0e104a5dad10cbb9b328a85c9007dfe9e558d814f3c1555169f6e7a9cc764ea52dcc52c911984d4cf21edd548b556974277b2f79e5a5fbbe6fa4 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\739025F062E977A263D0043D9E01EE529DEBBEB9
| MD5 | 365687724a22f1e9c66ccc12ad775151 |
| SHA1 | 785d37584e837d8aaf414beab5fc51166b0d3903 |
| SHA256 | 9126ace87a2aacbc0a0cf1fe8e369b22456d3f9f44d68279317b9f006cc98b2f |
| SHA512 | d669ba7e4df5df7f96f3de0062fb4bc39ae2d582981cc8de4d865970d5387baf37a36c17cad9151a3766a06daa6dc8668c0d3291a7276a53eb5daaf58d794100 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\3CD97724EBF47B50AE59221DC942CCA5EE96ED82
| MD5 | 9359ac810927acc1266c9c043f1f2c76 |
| SHA1 | 7833f0d368aa2b662b3fb668259a36cfb3bd64b7 |
| SHA256 | b25ebfb0456f79a6a677965a612d4ecb7646d939996cdb057b72fd00be9ccd1a |
| SHA512 | b5e9564d16bf6271a57c657574d3d9af512e26a98116ea3ae81a3103c3b00799fb3c681e33dcae1cf2988c6f5a063fcdb6da95015919d43efc305e6dc9bb99e1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\F92E7D1CFA8C9E7BA6B8B6333715A43C4D60C42C
| MD5 | 64a742889d173aa5ee29a5110105f301 |
| SHA1 | 285fbf725e8c79ee911c75fb955d53f507ec5f88 |
| SHA256 | f3b660a105175b2b032be9a0f1789c64b46aeadeb544550df542fe755cce00d2 |
| SHA512 | c3c46c7e70412d991b014ab11c46563f340b179d355a20d4f812b6b9e016fe3dc2c8d863c1ce819939f8ed61bed2b457ada6b936059668678ce3b2b97a099eff |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\FF7BDC95D9D2E2DCFB31F46479BA0372533C2FB0
| MD5 | a53e1b4498b130e7cbabb807d16035c9 |
| SHA1 | e82007a85799322540694369ac93e34c8337f84e |
| SHA256 | bd45b31b978ec52cb0f22992566a1153fa1a7f1c8512e32d8372c61446013f73 |
| SHA512 | da54ef7fef3245bcfa6f826084425bf24d25499006584527f5518a3ffec49719a60e7c5556e14e61a067bbddc50bd42fa8073d044d929cfd4c2761d6b594a337 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\F3CAA836DF9244F44521C9C538B2099C9F5A9015
| MD5 | 43798df0c1bbbda4e603d94c4dda63ac |
| SHA1 | a3ff85a47129d98f99eb223856ac08c898196a01 |
| SHA256 | f375246e566a21f0bd28354f2719eb41ec02cc027c43c55b95198070b48939d7 |
| SHA512 | 6447ea70e3a650ab2257e14afcad140bd541f6dafc7f87da953d9dadd748dd0bcfd0516434ca6035074298e890e9e28b42ee62f379b39d0533eceb0ee8fc6d87 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\05EB7F6F7BD0BA633716511CCCAD442933622565
| MD5 | 54be89db63d44085c3204df77848212b |
| SHA1 | d95c3c752b8ace10c27e5090faca28ce153787b9 |
| SHA256 | 7e408e543b2861a80828506b069329a9d2216214c7489035612822fb36c41ee6 |
| SHA512 | 08476838bcec184467c3856e838da3fff0bc7548fdb5d438030a918e36225a0fb683081cb73ad3df36e4f291a50b9c6ed636abba5cf9d1ff41c213c45be49651 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\050DB43D78BBC79DCD9ADCBAE96500FE04597F1B
| MD5 | 6f4ce9a465f45094510e278c31fc25e0 |
| SHA1 | 9590016f3517899d37416247f28af5a65a7c3320 |
| SHA256 | 85f65d730b55be343f2bb17d1f67a5fb5c2a20dc7a4e2593903048605b0ab350 |
| SHA512 | eb6021ee22b462c5413e8ed2e4015111ade3cc064159da61fb7a651abebbb851f9f9dbdd66710a43d489241fece080fa7de892a282ede3064b6d9c2a55d30a48 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\F00DA237FB5E031A47B83AD110F14B4A4316AA94
| MD5 | 12a84d5a6f80e2dc402aa0efb3170ce2 |
| SHA1 | c75d9c1a31013cdaab6f33d98b7b57d5d0574466 |
| SHA256 | b5aa447d167640fcf111b106f36bad0ee6f9b17f04f92ef935c7b1e06397a15b |
| SHA512 | 0b1981722f71da1e00af364bec32f59ff0d25522a6bac3655c3f9022c963ff29c95e2ece3a58a15d37bdc520d14d163e6cd1ca3e33d1f0643f0ab6da383d90cc |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\C20E036239CAF315DF30D2CDAAC4F746820BB89D
| MD5 | 005f18bc36b92cdbadfc18d355598026 |
| SHA1 | b046db3cde4e0b9a980812e8fa8b6e60617d4e3f |
| SHA256 | f3c5f6e255603cee51e619da55ff76cbef4b6b477651cfae72c49ef5392a2e38 |
| SHA512 | 897fb48de9dcf3b9605c9ae29701339dd2fa4cabbe90248ebac1bcabeecbadb794c13894b95fda37c6107015b92b8b2ef0572b32e14e48780d8a78c276b1b7eb |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\4E3562C55341939E493011A1EC297C2A4CAF51DB
| MD5 | 8e443310aa3dbe2b47ab82a7bfdd3bec |
| SHA1 | 9bd9689274bc2c7097c6ec764ea735c3fc1dc5d0 |
| SHA256 | f9428eaf33d330e0c34c30cd75e24f96305cd75cc6e8dd409c21716c24c9b076 |
| SHA512 | 9e3a33627d0cd08310312e9c49accb9a5e5a63a2fc4ba6b3e7745585325a953308d78017adb984d54f3b34987edc4b3e8e37d73454da2ad6bcc835e89710dba6 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\AC5B4849CAB26A6FF5E0D69715FFD2D5203EA01F
| MD5 | 172382e6dd992dd42c0937b8dbb552f3 |
| SHA1 | 2d369f53e4beea3f17d16c0d607512ce50fd6db6 |
| SHA256 | 7b9e6b343b8f7adebe4c9870acb614bb4b762cde703ad5dd3dd930f123c79667 |
| SHA512 | d5d826d59e227ab2d82d87f873d736a43bfc612ff9df1666971d28d670f8ce74f9d0d04fb0aef034da7f3e4afdfe71a013d2d6519faa96e0254ae9ecdf955227 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\DA784CCDD74E697C1B9356166222C06487BCEA54
| MD5 | e5fa0e61d16fed622de8a227f2590b70 |
| SHA1 | 4453d073b3803abdb427dfa8f34cf50a11e628d5 |
| SHA256 | 4fcf06e23db0615ef042891c4fa9856e5f2f83a461084d11ab0b36063da81d32 |
| SHA512 | fdb0b148210dd8d6d036c7acf199bf30f9c149238f040750e893612891f0a092f5effb7d8f3743b0de32af0c9c08ce0a256d34a8f69f53255f6e8417ad4014e5 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\4C11E373FD9A73A5E61FCB5291518B290C3C15DF
| MD5 | 3709c89289dfbce548c58b64b115a55b |
| SHA1 | 1beadd0c2a654299bd4839cfd7d41a288cbe56c8 |
| SHA256 | c2f45768bffcbf76d38b0ba07640385b6b4ee6103ec46370741761849e5e5d86 |
| SHA512 | b657ba3d3837b20b1c1b821b16d5d6fd701cc51826cdd99ec140abc34bc703757f29c318ed8c0281748d313377415e87f9b9cb66ba0bde3384d434e101667e42 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\storage\default\https+++mail.google.com\cache\morgue\47\{4463d31f-a9d3-4185-b6ae-92d49389012f}.final
| MD5 | 57618d45f1a752b4c219450869403522 |
| SHA1 | 229d85842b59e762420f156984c6a5586237c74d |
| SHA256 | 14ecba5f33e97966562dfd9f25d5f68a56849a138254e6bf535d9973ebff0a19 |
| SHA512 | 7c2bad8eee74bbcdecce791fad3f869151344f445ccdddcf3db32a84b2e2df046cb50927d69f6158c6c9b86a35f70ce5b95c79b038569faa732287c64295aa16 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | 150c09ac5078558921e8314f5372bb9c |
| SHA1 | 2dd8d2f53310e002f0909de4bc3172db23c8c8bc |
| SHA256 | 897b9cbe5cb2690d004e21fdb9bfa569c371d396fb2d9c19e33502c239f000dc |
| SHA512 | 4d8c2481b7803e5e0c6fc09664e3b17717764b4b442dd5987182a4611457246320f434405daa8c0da2511e3fdd17399871c781f9b42555999f63816f53f86aaf |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\datareporting\glean\pending_pings\c5a8e166-4014-43d1-b4d3-da145933bf54
| MD5 | 8277b9883940a146d13d1168a3c436e7 |
| SHA1 | 7aa87c20e02968969650b04d762adce2b4d06aac |
| SHA256 | e664c22eac59b35d2f85f0f2e188a453ab4934401732bada8066958bfdd4d056 |
| SHA512 | 23b6ff3a2bd56427b6153949ba186921fad248bd11130c6dbc9cf247bcf4c896409fe62d93709683d4e4d5a1bc6ef38d5f89d9a2030cff0ab6c9f154fdf47962 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\datareporting\glean\pending_pings\bf1a10ed-e3cc-4452-8de1-1ac11983f97d
| MD5 | d3fcaf48f13e994ada571d00e2a814dd |
| SHA1 | f65fcfc2d3d7b99756a8c4083a6e6b8163935951 |
| SHA256 | d054b31fdf6b219e9619bb832fcdf7ef5ea21a7c81668ef0390b9a5ec743a999 |
| SHA512 | 1095e09579daf972e131be079babd18835b7e8b2ad23fdca1bd04d11af45acf04612856044d47d47b4375a3a921b26fb0b82946e0630499d0a7c6e483644b25e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 6a3e05bdc092eda64707499b4b34d594 |
| SHA1 | 6f1ec9e11fbd7433f96709187555405e2795b9f0 |
| SHA256 | a23bd2f46879fa53bce143e907c9cc5df489dd7a29d3ecdac057b76091dca175 |
| SHA512 | aa0752972cab7a376fe9d1b6e2aa3bbba8306f8db53db91b301d704cd6df200cd8a52db9aac512346a37d4e6a0cbbc8a3702b83f88ae93db0ad6806e52d8add0 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\sessionstore-backups\recovery.baklz4
| MD5 | dfd23154e465d8ee42857e7cbe1d2ba9 |
| SHA1 | d0249d595081f4f726c1b0da3290868fffcf761b |
| SHA256 | d7e94e9b9b9ccef6469426010e7a5e0d1edf1e69d52c7d2d257ad086aca2bf79 |
| SHA512 | 0f7eb2c87e9f27d4ca913226ce8315cb4cc2857d67ca56d505817da259e9f2dad7629bd7d71f73d9fdd5a4e7b182ca00fc27420f8bb3e780cf456af1a7a792f1 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | a06867cad7a78d823f45069e7ed1a3d6 |
| SHA1 | ccdc04e305df86439329a8b026e8b9af87577438 |
| SHA256 | 82199981378d574aef3f5f44325d3ae0e884230792006a4709347f8096dfbb70 |
| SHA512 | a77ad23ed56727d7eb25201116a5daf4a9ad29dbedc48e5d223a0140ab0494ca482b376ee4bccdb91abbee0f988ba958c5f7b3975c267cb54e2ae46ee74e4d6e |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\storage\default\https+++mail.google.com\cache\morgue\180\{28dd4037-8de4-42c9-bd18-9df378ec51b4}.tmp
| MD5 | 615d9fcb4533363b0032fb2de5ff48ef |
| SHA1 | a36560c52fef423fe0121e3e956148d4d050549a |
| SHA256 | b6e77896c094c201436a553220f57aef336116a0119dbf63ec1bcc196f2b4b78 |
| SHA512 | 85b64d80cd61aad92e68349c6306ced6fa660e0f891cbb40a93079d9b45257a64260f808e86d936d55ebe9a4c0347b5b91458ab36339d02de776725ad7e3b364 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\storage\default\https+++mail.google.com\cache\morgue\12\{c83b7643-1164-44e7-be92-eb3fb62dd70c}.tmp
| MD5 | 8094d7c823758f6f8cb76b9b6c2a2840 |
| SHA1 | 96faaa2de728a0087192511f90b3156cd8144292 |
| SHA256 | 45d56f6c912091232a506e6c9c8cf63a614f99aa709979aaafde46eb59f1d073 |
| SHA512 | b1d2d783894b4fcde0a74da2d9672388eb2a5ec1b273e638c2c951482146e9cc800ff9509d216d9efe3f76ba9ee0a0c56dd2052248a0bad36ad5798e5f43c131 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | c3b539aa25b63b3c983d22d6c8d00517 |
| SHA1 | 0ef13ac8c89fed3773df27eb2f79e5ea0cf582b1 |
| SHA256 | 07a15092405c255521c138883e4f5466fb7603fb7be4bd2697b88ac20ea1c669 |
| SHA512 | 8f84b5e9cbd2821e5b61b5347fccb5104543c8e3f9b1e6c3b1644a19e76c4277c6df9325bb750ed30cb215d7fb2fc1d7ac4b81183c0242879c4ede2909c64ba6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 596ae1f2d09bd43c5b6a7c194e167c53 |
| SHA1 | e661c8cd24c9a2d0d74199f53e389bf32152a5f7 |
| SHA256 | 9931b5db177ffff7cb90d8acdcb502496ad5078aec710e0b4f516d50c60a247a |
| SHA512 | 45c85b1482ecc80c5d3362f5be0507c61af5a37a4f72fca22b9d0bdc0c2552bbf54426f66f0e5c09d163650b42665e89a09ad75ccddf204bfddd7f715a974033 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3e1ef8ba6a460db18551dfb9ff8b3f21 |
| SHA1 | c83af0038860e61c4e06a9d834de5a2c4128a590 |
| SHA256 | 7e46c924edd3555645369f4a50beca9f502a0a25bdd9ca6f8100b6f517b38f38 |
| SHA512 | c1b6031b718829ef80c179e31587201a15a0fbb8e50545e5c19d44189b6857c4621749670c0529c99c9da58a1af08954045a0cb2f9824165119d5c0098563414 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000008
| MD5 | 5dea626a3a08cc0f2676427e427eb467 |
| SHA1 | ad21ac31d0bbdee76eb909484277421630ea2dbd |
| SHA256 | b19581c0e86b74b904a2b3a418040957a12e9b5ae6a8de07787d8bb0e4324ed6 |
| SHA512 | 118016178abe2c714636232edc1e289a37442cc12914b5e067396803aa321ceaec3bcfd4684def47a95274bb0efd72ca6b2d7bc27bb93467984b84bc57931fcc |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 58079e71dd900a5afdc35362de9ff494 |
| SHA1 | f0055ce2033165c1af7ad40827dbe8bfa8c91992 |
| SHA256 | 6c1dc3e99b2b5e95dc4be14d3a1e7f87e8b6e5e84a3a4b08021aa8dcc1ad0cf8 |
| SHA512 | a41a7be464da47a4c310812c78aa1083dec2a007d4a86167892ec484ba78d193ef654188812fc1c099e03d91451db6fea823f4d5a0ceb33bd71124804b5d18b7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f01d7c70cfdeb9fc8856d42742440016 |
| SHA1 | e862138d466624a0f7f65d43325f3fd278875abe |
| SHA256 | 73ddb2b7a4780bf6abecf82c201dfd997c2e2a21d1c233cc34536ba7fa1b28de |
| SHA512 | 063722f71eb3e141fc22af45eab87af085f5af903b9128315f7633904efc8aad47cbf5990ba7845759e80fb0bafe3220c6f73087de4186be0822785663b69825 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000059
| MD5 | 8dff9fa1c024d95a15d60ab639395548 |
| SHA1 | 9a2eb2a8704f481004cfc0e16885a70036d846d0 |
| SHA256 | bf97efc6d7605f65d682f61770fbce0a8bd66b68dac2fb084ec5ce28907fbbdb |
| SHA512 | 23dd9110887b1a9bbdbcc3ae58a9fe0b97b899ad55d9f517ff2386ea7aac481a718be54e6350f8ba29b391cc7b69808c7a7f18931758acce9fbf13b59cee3811 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00005d
| MD5 | 86fe63fc0e7a1438f6e28c33fe5064dc |
| SHA1 | 8e2536f901bdf219649c2ef9fd4915b2778a877b |
| SHA256 | d70dec47837e50799c46d9b8925767d32f65adda04ec015be6af92bd4caffec4 |
| SHA512 | 99f6f8abf56e3b620dfb9e961a71897c050e7f6b3d3b20801e5b7209a6f0afde2de637f26e4baf5d869aab99e99f1b872b19017954155fba0340f8ec771bb03a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000067
| MD5 | 2c7063fbe85de97dfe8395ea09f61756 |
| SHA1 | 98c80da5bc95ad3226f7bf0dd7928559ae2d0029 |
| SHA256 | 30137c4a9762495c662a2650058ddefac5bbdd8035133092fae4e90af7048a19 |
| SHA512 | 71bad075c3af175c9fc853a5128e570eb97d4d89ab26121b28f5ea09c23475c8ad2b29ba4d7fed26b2b6b37983ab17c3031714bbf7e89c71220dfae2f6cb6398 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006e
| MD5 | 04ffe044ac566f05ac974dbdf6ce9f3a |
| SHA1 | ae0e2d141abc16edb6c9425dfcfb079b1c28a07f |
| SHA256 | 824614683c10dfc60630492ca4db543b1adc698ca9a24be971bd55a9e40d9174 |
| SHA512 | a8ab483440d07917df147c92cc2e2577701761f2009f986c7617f86624334dc179fe4fc71be5759c416940614cb00d3f61d2d4ad13a770131cd57eeb85031808 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | c2f4f38967789177204f7fb38e23f805 |
| SHA1 | 708fdce042233c6de6402c09ab055dab7a48686a |
| SHA256 | 710ee9e9d336c1fe888b159feb5ddf33fc459c748b8df9f3821902b53ab4db5a |
| SHA512 | d84a5d58a618002ee70e9f18c3682343d05f616b3d7df67e678e577a29063645f48e1e09636cb178d07af8aeed7870faea50d951bf133ed1900e71f42fbd4f7f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 915efa939f59f8d11b3b396384fdee97 |
| SHA1 | 8ba02c63428ac494d96c7e23f475c922b8aa0ec3 |
| SHA256 | 535aca0eb37bd8f9a80f48d9d89b7366b3d5ecfb213688b1b21935ff08ce92d0 |
| SHA512 | c52ce172e76c4788f55db1fcc5136d343f622c7fe3e6ed7a62e6af66242f1741dc704858eaf005cb3986346b1e687b28d74a0a83c7c9b2efc36a27a61475730c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 5ab442687f336e56c37810cf8f590fe3 |
| SHA1 | c08811a86081ced86048df619a74544c68902059 |
| SHA256 | 62c789c5c600a3571b380e965aa9034ad4cf4882fbb7c356243ad2f9a47d8b94 |
| SHA512 | a8fc46704305990115fbbed37c45222025b3ee67dbc38294e4d6adb68becb104fdb330ba5ed7bb2576cc2fd765f6d8c7d2984f2d81a06c994a9ce7ff9bed4533 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5ddefde94f475b070ac7995458ea8592 |
| SHA1 | 60a4b567c45be6071f84d0964d3b83967f301759 |
| SHA256 | 5442fdbe7476de691bed3b87ac8628c2cc686afcc3ffbec5e034cde01ea9d320 |
| SHA512 | 31ec71a75511ba57e4823a355d0207bee7826b1302be0941de96341662742aa00ea8f9dd0dfd1f6557f57f296a99707312c46abef33d6c01c53550c820d68f1b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | a75bff162374d950c1532952ea1255d6 |
| SHA1 | f92a03163c75d47ddadd6ea54760250e03731ebf |
| SHA256 | c6b7d7779bf64f5cd536a62d07e0e787aad59986741f863d9d33a4c8485bd654 |
| SHA512 | 522bfe450ae5ebea3d4f651d189470b8e41f078e385d9de8682b89f7ca34a1219050dd0292c244ed647c711794339d4ff954fcd1239728721a327d0393100129 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | b6cf76b246e9f85b2d0d0943d2e66322 |
| SHA1 | dd7224a381881713d365def2d4c527c83de146fe |
| SHA256 | 5975b8fac0d9addf074510b71117c755eb2e24e59a767c875479baac45cd445f |
| SHA512 | 44d86cc19fa721fc85743a14c5acc0dca85a2624360722b3e7f3f43b7d72a012ea6533f481563f681fe5da3ea6aac151fd88de9b651a27259385192b47e71e1a |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | da30905a0dcbd4f0a49c3a681f4e01a5 |
| SHA1 | 2f0d09a7769b95f476385d383ad57d3b5d4e90f3 |
| SHA256 | e5b42b026ae918d5160ea4cc51d2e46762a4d682a5681850ddb680eaac9b9e7f |
| SHA512 | cb33d853fcf25b6bcfd090cc29e95210421d6ce166867ea0d5c1f61f0a3d45058d4dd93b4cc88d7a35a65e0812ce25d5e125a75423dde947c9d9d3a19494c776 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 175685fb06a69d9e2c7c052f17ed33bb |
| SHA1 | b7b5d45d12fef73374b687f4c1cd291eeb8c20f2 |
| SHA256 | f4b315eb9209f655f39409ddc2cf3853fd07509d67f43ae47afe3f777c06a4a8 |
| SHA512 | e61d0112cee9128f1d78f7f2dcb8586b05687d9dfe30714b6ac8995c5a84387b36fd0a165101f38ebfb7b6ddba72b1df09e9d070786a0443eadd14453bb791ea |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | d7ee9cc0267499439eccff920203f5f4 |
| SHA1 | 4b7cda9062217833503650cdf2193fa774505407 |
| SHA256 | 5edbc82e14762385c33817f75aa782497b38338b6508558e406a071e28c6d9d5 |
| SHA512 | ed909458520a393c2ce0cebc1ef8b28c4cd922f3a5c6d1fda37c26389e9f21031197db95b820dcc71025be4382ec12c10f33b5648f6a6b1c5a3ed0b400f48b87 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002
| MD5 | 0d89f546ebdd5c3eaa275ff1f898174a |
| SHA1 | 339ab928a1a5699b3b0c74087baa3ea08ecd59f5 |
| SHA256 | 939eb90252495d3af66d9ec34c799a5f1b0fc10422a150cf57fc0cd302865a3e |
| SHA512 | 26edc1659325b1c5cf6e3f3cd9a38cd696f67c4a7c2d91a5839e8dcbb64c4f8e9ce3222e0f69d860d088c4be01b69da676bdc4517de141f8b551774909c30690 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 22aa913cc4d8873887f1cf0dfa5eaa2a |
| SHA1 | 95613bd2f222ae9651ec905476de96a39eefa60c |
| SHA256 | 20665897495b8817e7f1b79bae1c687db5fc7d5f7baf7da5150a580664679fcc |
| SHA512 | 16903fce890d440daf6bb4ac2ca2e4ddc5141d2e793cb71cd43538d2e245fd95df1e079a62c431254e97540e8a1e63659cac5a1beacfdc83a40a089096a5dcc7 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0efd27e02e03b829fc33db6f25c9932d |
| SHA1 | c15e5067cbf755cd4190e832ca77058d40be4820 |
| SHA256 | d01b0067cc619f01f621b878546d93003d708bdd8447903428114bf505b508fa |
| SHA512 | 4e3c79bb0488d444fad9e167d08b802cb164074111b798294297e834a01e4414c317cdedf40e5170251664c91912e3550a077366028f5b705a7eeb07fe74f273 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000070
| MD5 | e1f6e032096b2924e561c3928b9dc73d |
| SHA1 | f33a3bb1b04f04ed1b93b13d21b6b3ce529690ad |
| SHA256 | fa802b853572d8a40ee939940d0cd9562ea8f5954c0522b0777e01fcb546c3c8 |
| SHA512 | b13f6e1f984d28c5f4cfc4ae2298b321c314892cab1e5ccd6f1f61ec98d8c1a39669078c88ba541c91648963abc6e16e0a1cdb4e9449b4be16927e9bad8d0f37 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00006f
| MD5 | cc7ad65e0558327d8fbe8ade40ab94e8 |
| SHA1 | 6c153e9bf971f196db25cb2cb3b62f77f0a1299a |
| SHA256 | 956e1fd407995ff1ecca3bf42ca0d01086edc7eb6a965e1d9d4a48f197a8bd30 |
| SHA512 | 0af63a7bb1151ef7564472b90ddd766857e3fd78973195817aa751d97093558688733876114ea7341063c7f1bc01f90aba1016980ce2c009a0cc399f40614377 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000072
| MD5 | b715a5dd019d1b8771a3031ff85c972b |
| SHA1 | 5768744eb85d3137d094458e4b7842c1c5c526cd |
| SHA256 | e9ca7a8587bb3674824a28a8a80836e3483dc3bbe97c658bf7c984c5b424920a |
| SHA512 | 22e09e48a13ced3a3cd95a5f40b5e9ccbbad8abbd0d6af7dd4e411d63c662b09f1ad2453909a6c7a0d0ce34f250f2fbf0d7f076dced281f133ab7f21d2008d1a |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 3acdcc5f4c8dd6c71ef6c16af002ef2f |
| SHA1 | 8f65990a5d41d211c3865ba50bc001f43366b2c7 |
| SHA256 | 656e34a3cd4d99c80d2a8e47c8945aba228d9a6f4b8e434f9099d6382c33af85 |
| SHA512 | 0e5fee09139818acccc8001e131584a8ec87c94b2900fce6abc521b8a1cf9506b47c575640e7261c97447c16dba139e5a33c69b44caa22d9aa890bfa64806592 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2a0bd14852a4951be647636903b1ead6 |
| SHA1 | 3aab2347174f5c6f22b2f1a612a2dfc6fbaf3d79 |
| SHA256 | 6c03c239b1e54d8747d237900e988b662e38b3c79fa0916f079877c918cf9355 |
| SHA512 | fa92b836c799377694bea7e105d75d2e0c3de9e1dd4eadc62b4324dcad410f44962f0dcba4ed434b7bdda5b78913673a4d4161caf09facb58cdadb26b74ebbd3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\f8b0b5cd-ecd0-418e-9b8b-9eb5b15bf556.tmp
| MD5 | 9365ce418a7400f50508b053c83d6d36 |
| SHA1 | 4792759150d50a63e8ce4ae834cd904c89201fb8 |
| SHA256 | d464ac806af5c1a865dff7a9e312cd7984ec702193034b8535f47aa57d4034c1 |
| SHA512 | 150f438bd4ac8eba240110c5ee5c4f25040bb350e16019895772c73da61d06c919b196e6c0dd3b63566bf34b05741fefca29e0166c9ec52bdfb61e02c588bb6e |
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe:Zone.Identifier
| MD5 | fbccf14d504b7b2dbcb5a5bda75bd93b |
| SHA1 | d59fc84cdd5217c6cf74785703655f78da6b582b |
| SHA256 | eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913 |
| SHA512 | aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98 |
C:\Users\Admin\Downloads\RobloxPlayerInstaller.exe
| MD5 | e16e648456a76cf6c12be47b86b4401c |
| SHA1 | a033d9a48bf918dbba65ef29576dfdcb5db2194c |
| SHA256 | 3032ddec0e6152a0aa21929060e8fd6fc0a55c4d7d8c534fe6be24775dbc39ae |
| SHA512 | 68f335d81d20b8e5e273310148c011aaf8c2d42f2902da31653f705090f2c86f6a1c872c40e776aebd0c394abc32b87efa0213c95292467fa3b5ba0b8c9a6d6f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c354aad37a4298c9eaf30cc8af00abc2 |
| SHA1 | 2165dd99e9fc6493279ee83a61754273aa879d3e |
| SHA256 | fba94412f1c7578665c507b38b9e4db9d3b44f0c86241baadb5138ed930afbf4 |
| SHA512 | a9a7d51c98301720a7ff2e91b8826c0e3407fb7aab4c940929782fca1d7711a689c199e63da6ffed4a373418f230f9534e063bff3a1d30d91f9345420e5ae2b5 |
C:\Program Files (x86)\Roblox\Versions\RobloxStudioInstaller.exe
| MD5 | 59424c76dce707ae9be1c22d3792615a |
| SHA1 | eff79ababae89ff5c6547826241d6da9830bed33 |
| SHA256 | 56952f66488eb973dd8dd593068ae19699bd018ed67dbeffe7a33efef4b0d1aa |
| SHA512 | c820c679ae7b2e4f119a1d5e6ea2aa2f04bd614fba1f1a8c15284b1248f82b9eac4661ca63ce26f2258e8c7a0cafaf6898052ae8b2dbd0e17e92c1ba9db20eee |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | de682f05ed581cfc8d3a2f2b62069574 |
| SHA1 | 6f15be1b0ed4925194098dfca0bba63af5e0c1be |
| SHA256 | d6160c31432248498394c110ef7a18a02ab3a8d8cdc91ee6e4670b397ab3ce86 |
| SHA512 | 68117c9195337abcfb4aa829728be35573b29376886deebb78fed689037ef43bafffeed85d598d02cf2bb2b8ce9e707f0a719fe702da000cba2ebf96b2deb2a0 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms
| MD5 | 59a8fce0b77ee833f89a4e326997188c |
| SHA1 | 228394baba47c5da192c1192f51a1b713164aae2 |
| SHA256 | 56da93c87616943dbe21ca8e06ba90257025dfd2fdc1b5659cae01e6d7dc2797 |
| SHA512 | 38202e3b31a363eddadc02e58d7f2abc5cdef6cc542e7161ae25767b354268ccbbb177fa113088bf79f50833f16b7c2b5152a2e04a7825a493ba652d4bf6719b |
C:\Users\Admin\AppData\Local\Roblox\Downloads\roblox-player\4eb40bd3c767674ee4b74fe5497f0863
| MD5 | 4eb40bd3c767674ee4b74fe5497f0863 |
| SHA1 | e632cf2bc598ee38f323b331b4b64de0fd51a706 |
| SHA256 | fb9fb730389c066f553796c8c843b507ef3101aed13f7303d5f1ac6c347cbd2c |
| SHA512 | 33b5b734a696d67c5ca9dc911f4920a29316fc901bd1b0a9cfb1702657d7f017806c69b1aef80090f64dba353364dd987e3440ca2547afbd3fe4e9af61546660 |
C:\Program Files (x86)\Roblox\Versions\version-080ad6451df24461\WebView2RuntimeInstaller\MicrosoftEdgeWebview2Setup.exe
| MD5 | 610b1b60dc8729bad759c92f82ee2804 |
| SHA1 | 9992b7ae7a9c4e17a0a6d58ffd91b14cbb576552 |
| SHA256 | 921d51979f3416ca19dca13a057f6fd3b09d8741f3576cad444eb95af87ebe08 |
| SHA512 | 0614c4e421ccd5f4475a690ba46aac5bbb7d15caea66e2961895724e07e1ec7ee09589ca9394f6b2bcfb2160b17ac53798d3cf40fb207b6e4c6381c8f81ab6b4 |
C:\Program Files (x86)\Microsoft\Temp\EU8B50.tmp\MicrosoftEdgeUpdate.exe
| MD5 | 4dc57ab56e37cd05e81f0d8aaafc5179 |
| SHA1 | 494a90728d7680f979b0ad87f09b5b58f16d1cd5 |
| SHA256 | 87c6f7d9b58f136aeb33c96dbfe3702083ec519aafca39be66778a9c27a68718 |
| SHA512 | 320eeed88d7facf8c1f45786951ef81708c82cb89c63a3c820ee631c52ea913e64c4e21f0039c1b277cfb710c4d81cd2191878320d00fd006dd777c727d9dc2b |
C:\Program Files (x86)\Microsoft\Temp\EU8B50.tmp\msedgeupdate.dll
| MD5 | 965b3af7886e7bf6584488658c050ca2 |
| SHA1 | 72daabdde7cd500c483d0eeecb1bd19708f8e4a5 |
| SHA256 | d80c512d99765586e02323a2e18694965eafb903e9bc13f0e0b4265f86b21a19 |
| SHA512 | 1c57dc7b89e7f13f21eaec7736b724cd864c443a2f09829308a4f23cb03e9a5f2a1e5bcdc441301e33119767e656a95d0f9ede0e5114bf67f5dce6e55de7b0a4 |
C:\Program Files (x86)\Microsoft\Temp\EU8B50.tmp\msedgeupdateres_en.dll
| MD5 | 4a1e3cf488e998ef4d22ac25ccc520a5 |
| SHA1 | dc568a6e3c9465474ef0d761581c733b3371b1cd |
| SHA256 | 9afbbe2a591250b80499f0bf02715f02dbcd5a80088e129b1f670f1a3167a011 |
| SHA512 | ce3bffb6568ff2ef83ef7c89fd668f6b5972f1484ce3fbd5597dcac0eaec851d5705ed17a5280dd08cd9812d6faec58a5561217b897c9209566545db2f3e1245 |
C:\Program Files (x86)\Microsoft\Temp\EU8B50.tmp\MicrosoftEdgeUpdateCore.exe
| MD5 | c044dcfa4d518df8fc9d4a161d49cece |
| SHA1 | 91bd4e933b22c010454fd6d3e3b042ab6e8b2149 |
| SHA256 | 9f79fe09f57002ca07ae0b2a196e8cc002d2be6d5540ee857217e99b33fa4bb2 |
| SHA512 | f26b89085aa22ac62a28610689e81b4dfe3c38a9015ec56dfeaff02fdb6fa64e784b86a961509b52ad968400faa1ef0487f29f07a41e37239fe4c3262a11ac2c |
C:\Program Files (x86)\Microsoft\Temp\EU8B50.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe
| MD5 | 60dba9b06b56e58f5aea1a4149c743d2 |
| SHA1 | a7e456acf64dd99ca30259cf45b88cf2515a69b3 |
| SHA256 | 4d01f5531f93ab2af9e92c4f998a145c94f36688c3793845d528c8675697e112 |
| SHA512 | e98088a368d4c4468e325a1d62bee49661f597e5c1cd1fe2dabad3911b8ac07e1cc4909e7324cb4ab39f30fa32a34807685fcfba767f88884ef84ca69a0049e7 |
C:\ProgramData\Microsoft\EdgeUpdate\Log\MicrosoftEdgeUpdate.log
| MD5 | 408105df79f8f63e7cebfaeb886a9130 |
| SHA1 | 9018ba3692a007446b172b4972fff535b8a5231c |
| SHA256 | 5b7e09d93f9c90a78e317212d56280663fc40aaa98f9a930d2c8aad824977724 |
| SHA512 | 4c779c4c5bbb7d8a054e24600fac9901011b7671efefeb9924ab4b859a71e2e0ff7d5b749a4f466b23dc24a5da5920a0195325caf72cd7546a8fc06c8e6f4960 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 253921d83e6361a04c344ecdf4e8a6cf |
| SHA1 | 738d7cb262528f1e239aa477f3899fa0735074c2 |
| SHA256 | 45ff548b4d8ceed5c680900922133cae4a2bf2e3ad869c618944a8b8f85b4c52 |
| SHA512 | 551ac22239963207de7460cbfad2cd30715d29a6fbd150ca72322016daa3c62e197e6f1327723705acaaafae6defa3366c7446b856c128a352e8eed0cdd413cb |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | 9d7f2bbb80a9fcd5df7bc296c36f43cf |
| SHA1 | 970ff2ab7f4a3f04fed9bbe5045221916710b1ee |
| SHA256 | aa4b94f055ef7b1ecc86a2e5b1ffeb87b483abfe3536804033ae4efb6ec5b067 |
| SHA512 | 9e3c52ad3c6abc206fe72ecd888846350c0688f168be7f0b785063c1b2a3b8b0a6348338f6a8dd316734f3bf320af93c7ff1fa74a35e9aa5af3f9222df6c0638 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\prefs.js
| MD5 | e7accfc190de01dc53f2ced33c533363 |
| SHA1 | 28bcb398784dd5f2543c4cc9194ae75722208551 |
| SHA256 | cfe902f8c44a8ac9b475ee6a99db8a708b34f8ec57281f6ab3639f1f79cb5477 |
| SHA512 | 15aea02835df03370da476a04b3f37d8d90d8bc97c91d178fac8d4e5314f45ced6d5e4099ae630b214e2ef15a1becf36d21b190ce5f99f58ca5a9dcf54ff8e2f |
memory/1220-5726-0x0000000000550000-0x0000000000585000-memory.dmp
memory/1220-5727-0x0000000073C40000-0x0000000073E50000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2d83158cc1da954075850da866e95964 |
| SHA1 | ac4f03eefa640670a20c30a84b385dc0cf445ae5 |
| SHA256 | a1eec24b29c89cdb3e62cf990a49100a4118c578d911eb14798201a3af3d40a9 |
| SHA512 | 99f232fd721d9f28f4a11d7515505224247115d7caf3fb1a99263696398e4dc45e088cce05033dd2a225ee96dcbaafd175fe8ae7b57c79ef408d8d8486daf4f6 |
C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic
| MD5 | f3b25701fe362ec84616a93a45ce9998 |
| SHA1 | d62636d8caec13f04e28442a0a6fa1afeb024bbb |
| SHA256 | b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209 |
| SHA512 | 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000082
| MD5 | 147422ec939231963d71d043b75f1727 |
| SHA1 | 9d241c45c50c9ec84800a5f79c806a7e0b6f4082 |
| SHA256 | 4fb0f7b3cb3eee6882a1ce5531e7627efc34106a4f98a8c1f3cafd2239dd0d2a |
| SHA512 | e5befcb9fe6c0361a6fd2e2b71ef2dd0e53fed6c9a3e8c063d27bac6c857f8c892f7f4e05da83ea8407fc1dfa46ca5711a35657967fd525407844ff0cc0a64ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | d9a10e4332d7089b5890fd5465b4e162 |
| SHA1 | 9a8a182d0d9d1d51e3d6472c4c71a3d76c6eb3c9 |
| SHA256 | b2b118de43a19f83815f7135a6258bcf4a002a675a4eedb1a804e949515e01b4 |
| SHA512 | 3f4acdd9829605b3d8b7a3f87164ab3738c580d173962c39b968a12523d882eff4d7b023098fce44cc62a3440af3c5ff292c99dfac414b8ae799385fd7b2f09b |
memory/1220-5794-0x0000000073C40000-0x0000000073E50000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 400f5d3f571d7469498a8801c240a504 |
| SHA1 | 6e97fe472bbc4d3aa2692699051f89444f1b2dae |
| SHA256 | 64ab345051f431b9dd64f5b216091ef9b217eee76222aed6219c21652e79976c |
| SHA512 | 378c064dd89edbab07f59155fe4f9af4610646327fe3846de97b3fc6c3682f8cf5910624e8191cc90859e3d514cd047ab972b8a499e372b3518d8aaf2e7a7156 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | bd4b8610f0f9303b547c9a71e1b734a0 |
| SHA1 | 8077843151b8ac25e2e7ff94f80dca17ac777e10 |
| SHA256 | dbb34c5ffbf17538991158b23b83082866e6ae7460eea245c85174847126c3df |
| SHA512 | 02114bfd50fe38734be408161679751b9de07eabbfa5418226bf2756e0a95c6c009e490dea4724369be6d4e8ff8ec954b9d320715c61d89d426926913047e828 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 6d5a1901eada86f78c162f21d00b2d93 |
| SHA1 | 9dd62fc274008b06566340441012ca9f95c0ce9d |
| SHA256 | 710f2a66f7458af168219fa7492e98b16e3399e3ebdab04ff679e9731a6461c6 |
| SHA512 | 07e9761da76d2db5928bb4aee6e7bb6d9f6f265f5cadcef294deb4800b4bdb67d72d9374cb500196ed56191737c739236ad7acf742e255db4663596b61d62b4a |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\datareporting\glean\db\data.safe.tmp
| MD5 | afda53ef4dacd3e5c028b5842ef52cdb |
| SHA1 | 4f95da3cf5c5c0420fab4737a6404d1828616447 |
| SHA256 | fcc771e158334585c0378ef76e8b7e6475ef12245c3939f8333b84af33109dc1 |
| SHA512 | 0fd8913a1f1fd1ecadcfd5011fc79be3a0f8dd6d5f69012cf9647c44e920f707b86452ce3aca226fca592077cc295e92015c981e8582ace0f40420818aac05be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 2e39384814c57ea9acbf59b20cf8a9aa |
| SHA1 | 30b99a3038819ffca6492891134eb9b90e7b5866 |
| SHA256 | d4eb67597758691f54ad78da7f6783d41e6f0bb33ce790ab84fec7df66e60919 |
| SHA512 | 8c3ab819b9c74c369c1cd11d02936f5cb15b7897dd5aba48bb1ec4c0c30300fc5479737888a66528169cf3292d77acd3551b92d9c05a57610d73199ce6499252 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000084
| MD5 | 4b6b49ff2d726219e7a202d177ba990b |
| SHA1 | e92d330983326cef35ac927135f3b21362972725 |
| SHA256 | a2569c08318a9243271f3df8bbc6f92d66f2e91e2890dc8d474e3dab28312327 |
| SHA512 | a64afe0f236fbd6cf150df09db04be72cac5824ff12dd26a0cf67206ccdb665ed8871eeb7830c9339d33f7926c2bc707dbf2b4e7f136d846465cb453ac59c794 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3a809ede341303904aae33e32dd5d2b6 |
| SHA1 | 4a8885f531a178aaf04fa5dbf718f551528d1934 |
| SHA256 | d3747261985782e375a67fca8a46c478c7613ca13e099d89cf808ed75d1731f8 |
| SHA512 | 187c7e667f6057fceaf9dc57fa3cb839a06c98e19bf7798d124e7c154af4842babda5ef335ebb0f02e0ec40ce698bb507c435f5e24fbc5553177d55e49f45b57 |
C:\Windows\SystemTemp\MsEdgeCrashpad\settings.dat
| MD5 | 61a5f1938bdf52b2a88f2c3ef63e441d |
| SHA1 | 01be00d32fa8c9fbde3bfaefde5d68acd19845c7 |
| SHA256 | 936b9f6ce95bbbaa11ec48c9a43cd247e00a302cc1272c66c8daf70ac204ec9f |
| SHA512 | 269256e8b57e433ce7defd2277854dba202d7ecd198a05dcc765c228422b46ae5e9a1a24d5dc23282fefceed4f46792695db47d658de3a94a3fb0f62076b2d9f |
C:\Program Files (x86)\Microsoft\EdgeCore\132.0.2957.115\Installer\setup.exe
| MD5 | c2f035293e07aaa688bc9457e695f0f9 |
| SHA1 | c5531aa40349601a23b01f8f24f4162958b7ab72 |
| SHA256 | 704df2272e51fce395c576e4090270e0db7c7562f5b59779d36ca0563505cc91 |
| SHA512 | 70228567ef097bee2b3e04a5300437adb3615d4217d3a2d08fbef364afbb54e43ffb5dd0e5f3931737d648f56f912ebe35121cc8421354d8c2292fe48f5efc51 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e748873d60abb2d2bbe157eb76682357 |
| SHA1 | 648065983435d8bec2ced196e20216662bb41330 |
| SHA256 | 3b67c1c812bc27962d327a37eeb6cb8e3e3bd4c60d2832a3fde3603066ecc567 |
| SHA512 | 6d3d27bff818020d35952a7bb3a537165d5958146bba193f92a3b74a545e349ff5cecc02a56c8c9cba73ec379b782c57712f01aedfad78443a43544020ff1d8c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ac16c3f4c40d61a5a0303159cb897f91 |
| SHA1 | bac72c8f370692461dd9f2d564f02fce16662629 |
| SHA256 | bc42b4b9bab8b758103fd2258793d5af2783832449b942a8c941eded33e07265 |
| SHA512 | 2ef6bcfd185ec72dac15a836e28b7664f9d59fddd4e7e1db92d0d0dac300e4d0525b8f09a8e8737f066dd2f53db5c8a62fd348686ba1436178596eb85798808a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\wasm\index-dir\the-real-index
| MD5 | ce9e6b354d3fadedc58f5c06be6cd748 |
| SHA1 | e8df3b22737f81537c717ed2686d2a9ac13ca92d |
| SHA256 | fd57b2d78299fd7a27c6e400cbd73787359bb62c8aff393e26f097928b41de51 |
| SHA512 | 14e564b87001820e1d0a995e2ed00f97ec720fe85317a99b03e03ee4e6b8bc1dbed528a6ab7aa684c54bc7ec9b126eab611275f9fbd7d54a12dc0c707f3829be |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7ec6d09be88636a0191f3d90ea0974bc |
| SHA1 | 95df3fc7aa4f995c73395aaddacf049994924891 |
| SHA256 | 6a5dbcbbafd66ccabf277dad4644dc9109b63b0dcf50f1d71e8f8d8fa2a960c4 |
| SHA512 | 887d2784bfcc1f53b46ec7dbf732fa4a2ee87340b9131c9747bb203d591f15b2609ce530c2fbd8e27959034ad33e7717fadd668571eb25371d3cd5d225dc067e |
memory/1220-6013-0x0000000000550000-0x0000000000585000-memory.dmp
memory/2312-6030-0x00007FFC29360000-0x00007FFC29369000-memory.dmp
memory/2312-6029-0x00007FFC292D0000-0x00007FFC29300000-memory.dmp
memory/2312-6028-0x00007FFC292D0000-0x00007FFC29300000-memory.dmp
memory/2312-6040-0x00007FFC288E0000-0x00007FFC288EC000-memory.dmp
memory/2312-6039-0x00007FFC287F0000-0x00007FFC28810000-memory.dmp
memory/2312-6050-0x00007FFC26FC0000-0x00007FFC26FD0000-memory.dmp
memory/2312-6057-0x00007FFC28E80000-0x00007FFC28E8D000-memory.dmp
memory/2312-6056-0x00007FFC28E80000-0x00007FFC28E8D000-memory.dmp
memory/2312-6055-0x00007FFC28E80000-0x00007FFC28E8D000-memory.dmp
memory/2312-6054-0x00007FFC28E40000-0x00007FFC28E50000-memory.dmp
memory/2312-6053-0x00007FFC28E40000-0x00007FFC28E50000-memory.dmp
memory/2312-6052-0x00007FFC28DD0000-0x00007FFC28DE0000-memory.dmp
memory/2312-6051-0x00007FFC28DD0000-0x00007FFC28DE0000-memory.dmp
memory/2312-6049-0x00007FFC26FC0000-0x00007FFC26FD0000-memory.dmp
memory/2312-6048-0x00007FFC26FC0000-0x00007FFC26FD0000-memory.dmp
memory/2312-6047-0x00007FFC26FA0000-0x00007FFC26FB0000-memory.dmp
memory/2312-6046-0x00007FFC26FA0000-0x00007FFC26FB0000-memory.dmp
memory/2312-6045-0x00007FFC26FA0000-0x00007FFC26FB0000-memory.dmp
memory/2312-6044-0x00007FFC26DF0000-0x00007FFC26E00000-memory.dmp
memory/2312-6043-0x00007FFC26DF0000-0x00007FFC26E00000-memory.dmp
memory/2312-6042-0x00007FFC26C80000-0x00007FFC26C90000-memory.dmp
memory/2312-6041-0x00007FFC26C80000-0x00007FFC26C90000-memory.dmp
memory/2312-6038-0x00007FFC287F0000-0x00007FFC28810000-memory.dmp
memory/2312-6037-0x00007FFC287F0000-0x00007FFC28810000-memory.dmp
memory/2312-6036-0x00007FFC287F0000-0x00007FFC28810000-memory.dmp
memory/2312-6035-0x00007FFC287F0000-0x00007FFC28810000-memory.dmp
memory/2312-6034-0x00007FFC287D0000-0x00007FFC287E0000-memory.dmp
memory/2312-6033-0x00007FFC287D0000-0x00007FFC287E0000-memory.dmp
memory/2312-6032-0x00007FFC28740000-0x00007FFC28750000-memory.dmp
memory/2312-6031-0x00007FFC28740000-0x00007FFC28750000-memory.dmp
memory/2312-6025-0x00007FFC292D0000-0x00007FFC29300000-memory.dmp
memory/2312-6027-0x00007FFC292D0000-0x00007FFC29300000-memory.dmp
memory/2312-6026-0x00007FFC292D0000-0x00007FFC29300000-memory.dmp
memory/2312-6024-0x00007FFC29280000-0x00007FFC29290000-memory.dmp
memory/2312-6022-0x00007FFC29160000-0x00007FFC29170000-memory.dmp
memory/2312-6023-0x00007FFC29280000-0x00007FFC29290000-memory.dmp
memory/2312-6021-0x00007FFC29160000-0x00007FFC29170000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 46d898a059d9d645e3dc8a8c2fbb8ca4 |
| SHA1 | c469692af6c9acbdbfdc37a02fd6d52027741554 |
| SHA256 | 22d7d06300b8ea9f5fea05da319aa8f6bc644318e49da3481bbd46474ec8cae8 |
| SHA512 | 6a162a926cdf688627219507ba6e4e7a4fce68c6b082d1cef23a6be599c6a89c64318ca76c807f905eadfa9a4a6317d528d930bd6ff59ce2b82523906e0a4c6a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | a5a22c2a18874413ebe2180a845a5edb |
| SHA1 | 552f2c6d6d0f7f5896dc8176ae9bac5b23b8c04f |
| SHA256 | c8fa0c621dcb9d06d36b3b80cc4f84817e3d97f521f18e03df0dae4f4a4ceb09 |
| SHA512 | bfd44e0c10dfd3512c12c424f107fa80b7dbe56b2733770447bd9c2b2b842be3caf6063121639a17c292d3fb368f1343580a73d08096054bf2f23d8ac600f4e3 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00008c
| MD5 | d63db1dc0307fcf9e6e3be5845f0ea04 |
| SHA1 | 1333aaa2a3473c44ebda2f63080656994996eff2 |
| SHA256 | ee217323ed9f2f9cf7f64be80c5ab0bb6f3f7172e36b5aff225426684b13511f |
| SHA512 | a789c1ab36fe8748cb3dbcec3104a965a42fec789f6cba179f7bde56e9a6b3932afcc03444f4858f2622ce3f6c17f6cd277e11dd9d2cc2b2c73db8060fef86a6 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 0dfa96a0555a619ac5ac02e957009ce5 |
| SHA1 | a6b1d0d10d96bd419c4b8fd9d46aa3c64d50d700 |
| SHA256 | dca1b64a9b18a73a1284a6d4e0ff7fb90eed714e7661eb6328b1b51b49fc8aea |
| SHA512 | c33e3a0f2af4e56d13562dbfe3c20337677111f63cf1098fa1a27b499c83361a68a8590d93ae99175eb99f30ea0e6216cf58e18bd89edac79389b2f7191d15dd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 3f9b78a60ee601b88a08963118516c9c |
| SHA1 | cff732352f13eecc965530b7cf9a7ed9a64120a4 |
| SHA256 | 0b4909dc329e3f4e87f905582b5fc7559aec63de3fba45efafb9f2843750ee6e |
| SHA512 | 48623b806aee7d641b0f998efd51fdb074b5d2d79314427fadd473886383e36c07a9ba33f3c504dccc0b74b079891e143f7a7d509832915a85a2ab8ba055a772 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 84c3d96772cfa907db3f138aee9b6e2e |
| SHA1 | 4fbd9d3009c99c49399aa6d97ccb3f1a227633ee |
| SHA256 | bfee00a326fa0f0e263a0fd6dadcc6942a6ad4310a9ac5f7a47e03db8358eae1 |
| SHA512 | 60ea7700c1d2dee960106092311b65e907fa8b5cd2b50cf3e3762a27404aa11f192c770835cb5c6480118a01aab30f35e42365c17f0b3ea4a5538d1090d0f8cb |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 56038fa8c0f56883882256cf737f3c3d |
| SHA1 | 13667715449037af7f6b9b02c9622a7eb490d781 |
| SHA256 | 58dba0953708200b3128e1722fbb8a016b2c02a920d8c8891fe7ec0f179ff452 |
| SHA512 | 238a0af0711366cb0cd441c58b95351f8c70fd9d95d157c5b5f1d91f787ee13b556ccd770b19392cd78f7d961bac6022369e2fcd28fc320907dfcc6fe8ff7d02 |
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\6824f4a902c78fbd.customDestinations-ms
| MD5 | 03e3e0d8c346431b5598369c40b7f3a2 |
| SHA1 | 6b74bff222d28526abcaf2515e0a71794820049b |
| SHA256 | 2037d74c841b6ee6117eaa4fa9780e7c7efc2060ca24e3673451345f2586e650 |
| SHA512 | ad5b055763271470fd198ce26c5e4a2df5d33e7ec208245554329ae4d4ffe6efb42d7172914f7f17c19bb99bdd071b9ae71968431b87139e1714aa01a83c2aaf |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 4078186e225f057886ec22a78dfbf9d8 |
| SHA1 | 998d91daeb861174c23548a0a64d72bc850e2f5b |
| SHA256 | 302f8123bf5213644143e7773ea8b4e3be49a79bbc7b7dd576bce12dfa9e65d3 |
| SHA512 | 8b23616dde5d5b6ba9bd0d2c7d4022704f8265b0a173ba6a6c28d9d2d273f8bdab5ff6b781c1a11f875ec26930dc93e33c1b59c81a918a4847965ee05c99bd03 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 86492a3fb47db5bb746db3aaf2fff72e |
| SHA1 | dcbed4d3d7d35e59ee9b7b1ec2ed002e3d2a76d4 |
| SHA256 | 31fb80a5bf8377463aaa59617f627ad003a710e5de98c4dcec7f2ef234642b61 |
| SHA512 | 14cbbd0ace2c80beeafb51fa2c029c754dec69871550251053616884b302cacd0530455212fc90aa24f4c2b0ed273f18c3cff90a353ddf589bf16eabccb9d799 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5c3bcbaa132762da88241b920c3f944f |
| SHA1 | 2bb64d707ed8b520f926b28d74afe6bb5c47c541 |
| SHA256 | fdcd023b6e606e251ee2f4dc1a69aabeebc5d78eab1a6697fe1cc0e93250789b |
| SHA512 | 2fec506a60706d50c99ecb60bb7aa19117ca1a33cf2bdcda0b3a93e01a04ab121eceb8bddfa4c0bfcdd84a83d1d40f7b5c86ce73ace623cdbdd1f1455a083961 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 5801b1d4862089c6dbdf7cd9904b86d7 |
| SHA1 | d3d82955c93bddfda487cd07d7df87a8f6587eb8 |
| SHA256 | b3950abe58d0c0966a442e60edf4cec20db06ab60da1811b8a62343baa42c0c3 |
| SHA512 | e49e55f378b5929c45b15491eb472067bd0e632da494fca6f71c1f9a9b53c70759f351a619ffd75765150d9c0c780056be03e5736ef3c91eed8854ef97c4d5ce |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 56d76adba5e47a18c1070e28acfaaf54 |
| SHA1 | d5e8a3b885af6559852abe226556ba789d5a2006 |
| SHA256 | f1efa757ebef67aa4e203eb7e82fa70d0c58dc6856b6f4c89d20d3662b06f820 |
| SHA512 | cd700d2174bbc1fce36ee993dc324a247f02fb5fb7657b3a77ec35fd9bc075bdb6504ead0b77274e06dd79d7c29c29685f6bb0fd53da5ac37af0d98853abf357 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 0e56304066e458396202c68ffd149185 |
| SHA1 | e24045f9c263be88bf8d560e5f411cb923a30aad |
| SHA256 | 06a84e183f68c5173279c9b06ddc639602acac23d7ed8e9f56d6c69100226102 |
| SHA512 | eb25144e03dd96dac67519a1d01b24756a1c745efdcd7edc7d32cf63868d57eb6af1995892a441fdf1146fbe79091f186ca3a32e41ce46756679e219f20d0ad4 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 7e1e101e90dabd4b29072be2e1b13197 |
| SHA1 | 44d964f50a4c5676e2b1a421acd2bd8b84801648 |
| SHA256 | cdbcc1e5737bc4b9e2ba364e5002b73b5487f8851643a58efc3bff316ad26a95 |
| SHA512 | 111779080246662f427f0241d5ddde3a6624f691496814bf9934e9827258b23da6aa9ff5612d8462a106756ea8ce2cb19d8720d6a7e0267d828f78c18b5c770a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 5645ebbdbf817bd8547808e53b5d0148 |
| SHA1 | 2aee5a5b77b2c5889653fb147760896eae77d190 |
| SHA256 | e3bd59e5d07d7eb814e794aa845dc92acb9b8c789546a29239f49119d7041fd4 |
| SHA512 | f4f5c76f2b73988484891cdd7fd36912a98c4db24609d5ec684a76e39cf5686224f1faec861ef6837ba123df0f492fb39b9ea6c1371e79df3764bc9802bd4e03 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | ca860c2c847c865affc49f6445bf88c9 |
| SHA1 | 244e8665fd552f5abab570aab64ff2ee4b02932e |
| SHA256 | 098f2043eabaf4d28657f3642b047732a3b04043facfe393da846728a85991bc |
| SHA512 | 742add366853b7adb04f0de3e2891ad6b1ded394e4a4eb0f63f499952f84904f0b1a840ac8fa4e7a0ceeab5098fdd86e6ae526f3ad70a0a4221a2d1b8ac0c78a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 775ebad7280b440ab6553de5cce3ac3e |
| SHA1 | b97e48b76b1297d71b1fd7f6cab6c5f3e664d952 |
| SHA256 | 8d5649951769cc2afb92ef8b491c591096ac027a0445dc5b11f0e64fc1902b96 |
| SHA512 | 330e2cd83609ea2654f7e1c08872bca050f48a0df82bb4e98abbadcd9b7f9ed9bec44c4a60f8d6db50530bf67a7c90af1e8428deb1d4f8471cad75931beca992 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | 62e3285d94838911e5384fcac8014b1c |
| SHA1 | 81dec0e178a4c71fdde51c05ad3850f884b8e14f |
| SHA256 | 801f6da0ec7be1595125aaacd3318d7ba9c4749bd8387329b5c8768438286605 |
| SHA512 | d489897c657cd73f66b35477ccedadbf0074dbb9c8b897a768a2cab9df2d1c96b66ca681f254613803ec1d9fbb2d20dd02b4eabb4bbfabff60243648691d6c8d |
C:\Program Files (x86)\Microsoft\EdgeUpdate\Download\{F3C4FE00-EFD5-403B-9569-398A20F1BA4A}\1.3.195.43\MicrosoftEdgeUpdateSetup_X86_1.3.195.43.exe
| MD5 | 83f7907f5d4dc316bd1f0f659bb73d52 |
| SHA1 | 6fc1ac577f127d231b2a6bf5630e852be5192cf2 |
| SHA256 | dac76ce6445baeae894875c114c76f95507539cb32a581f152b6f4ed4ff43819 |
| SHA512 | a57059ef5d66d3c5260c725cae02012cf763268bd060fa6bc3064aedff9275d5d1628ff8138261f474136ab11724e9f951a5fdd3759f91476336903eb3b53224 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\prefs-1.js
| MD5 | 35f1b298b4b2caeec47637ececda8872 |
| SHA1 | c064747dce174c1eacfa8094c624e00ed81cbc09 |
| SHA256 | 06cb987b4bf005ff32fbc224c3317881d96c151ea94c2bbbe818d00f7e50f28b |
| SHA512 | b40d1794a25778c2812d5c55478028bb65f69c34dff865fb60efbb67a0ee17006f4f56796243e5154479e923fc1489231f026ce2da6264669377479436db0284 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\0305BF7FE660AF5F32B4319E4C7EF7A7B70257A3
| MD5 | 63a7577195862edc014b4cad8189dc97 |
| SHA1 | 2ad6a8d758c4a9b5df67a92147b6c479a587b812 |
| SHA256 | c1d9cd7f1ac602503ec67894377b44e11eeb1b85ee799395acfd9d13a4c3fea4 |
| SHA512 | d64c9b4419ffe25112e2769dec423b8745960f77fdcf92d0a51fe15c01bc0fda7408282776b8434e02eafb6fc7c78b382775c1d11e575f1a7a260c3b8287ed20 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\254256B27E0C48CF9B80B695F0B3B8CA84610495
| MD5 | bf908461ad11cc80ca5a1afd42f00546 |
| SHA1 | e9bebcfa2d6a3bbd91cc66d76df467126418545f |
| SHA256 | d2c202387e652d8bc69385da1e436b6431adb9940cf5719040be989d27279bcc |
| SHA512 | bf5042a2e9b0e73d028b0fb741ab059599f0d67b4f38d987f2b2ecd2209020af6d8ea2f6a45d2086e7c91fae58d3b03eac57546fd86089e68b562a88cacef718 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\F8CBD54DDA10F4286A41EC6A537240712D6C2308
| MD5 | 54996b127dc76dadb5663204bc7b3033 |
| SHA1 | 4ec3292b9d1344fbec417b34f6066cb224b547da |
| SHA256 | d5b392607542808c0faf766c98c9b2280c6c541d779eb5cc6c0da20e335f24bf |
| SHA512 | e5657de515f3fa25fef1ed09aae27cad27af6eadb4ea256884759537d433bb553ba59a6b4817ac2ba03833b4e9ec9b8f0cd21e35435773f66bb50e20c2130021 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\D059FD0322F695507887307109721C11AAD75FFF
| MD5 | 956c54f6cc592b7da34f124795ef9e49 |
| SHA1 | e600819fc4b2582e9bea115afb04dc38e50c3b49 |
| SHA256 | 9ab0498d6cfd13ed5ce7aa58d4f211786ff42a684ef13706616534a7b96f11ca |
| SHA512 | 900ea20f96dd4ad5cba384a9bf9857d6066248e5a6f5a9b5e903581908267a49bbc9d2433ecd17f8bf5114422709573d72156385f79617bc8ce647ff9ddc7ae1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\825298C29785E3F6AF4C3484828F681FE0BA43CA
| MD5 | c44f0cf8f208f304d372ff566df226aa |
| SHA1 | 9f0d7832381c9d0dbf61c869b28c1402325108db |
| SHA256 | e363a4ee3def95e3777d45cefc350fb84ea7f6f76d2801d8b2a68531920eeeb4 |
| SHA512 | 3aaa541653f53b758cea97fb04f3a52258c2ba179f9b756d803736a6ca146bcb555567c125297507d8f5c8989bc199a3b1bff4baa51076d08cc741256c99a94e |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\AEA9BFF7CEC00D4B526DF934581FC40809985959
| MD5 | cf73472f8692c1b5818e627a50c58b8f |
| SHA1 | 1fa26c3a2948032fe51a47498cc51cd1c291fd59 |
| SHA256 | ea4f4b31cbc5427bca45563b87c6aa9160ca9f2ccb63e98c8e8cf11d58ca5bc2 |
| SHA512 | 6589310ca9f1e9701f428cb362b33c0b666e20f5b55a1437d44b8f4d1bb8918dea64b4ad17a30c3648fb5bc2e634cd15ad250c69b01e4ed980f1069377501556 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\32027373AB514902694BD2F13A8E08513EAF1DF9
| MD5 | 5e4bf19ae7f091da11ae5e984fcec059 |
| SHA1 | 54cb1bf0c701757b6ebe96e52d6a0d10c899db81 |
| SHA256 | 1f5d973449b2999c8048f1fc9b9a92545ddab184bac071a6ea93e29650305ffd |
| SHA512 | d1f858f0a2c4a6be514d155ada5973480db1fec628354be397f230d45b99ff1fd8240d2b4c142c3882f5b4d0ffc878b697f888dc68e5f3700ee216a92bdd6033 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\552D7E776EF97053734643ADC0C74EEAE5E0BE4C
| MD5 | 24069ad8e13c005fbb2e3ccc80a2b519 |
| SHA1 | 1cbe1869c8565aaf7520b713d5c8a007c5e3a92d |
| SHA256 | ec756a46d7d45815912e0dc6ae26c4f551fc41f5b8cc6db8a9e3f40c2201dc2c |
| SHA512 | d702f0ae94bd1c5a543f9e0e7070ec2a7adfa499fffd4247c69e8b1e8a998721a44c8f319c13a9802871fa5d96efc20e9cc9feeca7c6c0c2704dc47740dd9b66 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\EB921352F352981E1630D05B67EE4FFCA81B0519
| MD5 | 9402d10632f499d2b3cae89ac571cc98 |
| SHA1 | 7340c20dc7c1052bd89c6b624669a48d706cb3f7 |
| SHA256 | 568a17a333e19bb8e0338b62b96d15784a10f4dc1bf47d68553be962b5c4c426 |
| SHA512 | 5d6f02c987781bb5e3090e4861fbbdad9ed41e50c0074cb65984ade3268fbe298c7c914ab2e49c7e54ec47cc6cc8f1ffbd33188d0106694bf0fc28895ce8e6b3 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\C886C15B36E63849FB9E86DCC97456303F590459
| MD5 | 69076a74528fa91dd9e922f3f0878f57 |
| SHA1 | d4554b908ad9148ec97ebd0d1e5d06a37b98912a |
| SHA256 | 3bf2a08e5990a9d639d11f218772d96869fe7f9af7bc5b9036ca07e5f940a361 |
| SHA512 | bc719c7a103cac208d7a94f49f2063245faeaffb956144e0a04e6021e78126d3008753dafa5026d95e5b725fc1bde181deb375126914c51788e852b3ba8cfdd1 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\05624CC981C1E09E289ED3A0053F4AA121CA018F
| MD5 | a4b61a4ec7eec92d8c5058c1c5581518 |
| SHA1 | 3b4cfd314def1a0a99fd969d83a95095abd79c2b |
| SHA256 | fafb4f9a11f3da0bcb2715a28ac50b1ddcfc60df506cdf46faf28b7228c03d6f |
| SHA512 | 7cd78198da6fbed1bafbc9342104d489885071f821863532de8ad1894986bb1eae8e4816912ba9f8640220354e7a9358e3996312c8505b99e019b30a43bbb0d8 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\F18D85F52EBBBA2AB081EF739ED0D6E8A76D497C
| MD5 | 5680ed60b19dc042f658d3fc89a0471a |
| SHA1 | a32b9e577d829b8adb82eb74dfdb840546ca2c5e |
| SHA256 | 2b487c424be3a588c299cceae8f86626141f14e295b2cbe98e9b89ad1b6e8893 |
| SHA512 | 87aca39be79f38008578ef3a6ea427dacd4a1b684845e4ef4344d4b933ee406feeaf3e9ad3be0959a9ea52e39b94da9d37427d397ecc9ddfa24b99af8e80a12b |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\B97431ECB62DCFE30A83D657611882A3B361878B
| MD5 | 2c8b12adc2cb67ee432c51661fb7e9c3 |
| SHA1 | e3a5ca85d98578c0c3236492f556560cb6801c89 |
| SHA256 | 11641f8a034be0946605c00ad655c440ce8f24ead485c1599e851bfa95ecf95e |
| SHA512 | 968bb26873c507f26ba980cda5dafd2f02a3cbcf2f0cb952b98ce33e3e54ce36f0f40562d5ecc231c2c40ca8b80a010b0c0007db34960b46247692ee323a9a35 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\06CB61A49454E8527210B835873B3EEC32F93FAA
| MD5 | bd305658a5f571f99ee22416228deecd |
| SHA1 | 8520217f01a69bfa595547a31ed69073558c7168 |
| SHA256 | 76772357cae2d623807c1984a74d21f4be158eb023e2dc4b26e7a0a1504eaf6e |
| SHA512 | 31b3f2424bd28cff7b9c23cbd3b0b161edc303c3e2355c1aa51ad0b82a7c6625c0012b9ba3c11276f60116106a313b74cf361c4ed75c69030685c02a69e8c6e9 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\7BFCF32544F467F973AF267DF4EB4842EDED0C1F
| MD5 | df6f39bf3c9ad4a8775d7309016a8b25 |
| SHA1 | 9d6b9140497b79c67509ba4d27d02c4d76ec783c |
| SHA256 | 90d819cf7ea399abad3b3d09a97686ea9966dabba6c44efc2960a1ddd4b67667 |
| SHA512 | 914b5194160c48a00c7a6b7c52556b430eb7c6fc288ee1ae88b2afac786429335f0e1b7b08d5114aec63a4e801d6d9d4006e885c066707995f4e2a36e27e8711 |
C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\dfn8djy7.default-release\cache2\entries\7943793AD6EF12CA229A1DF7A721B44C210BBC82
| MD5 | acbd2902d40459c46fe541959e2b141b |
| SHA1 | 99e76053632d344f8ff34a6dd6fd8dac74c75394 |
| SHA256 | df13f98d1cb48fed5c730b5714b7191b135c05645325ea7a5d86cedc8dd29ccd |
| SHA512 | 2973028dfb1ad64d3d5802036a791e1a4b554402a9999f2e209beafe4a4ac112714f42964f38ff14e513663384e4919c0d2039f013fefcd6f2055ce3de824977 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.sqlite
| MD5 | 85ce868b910845f937271fb502f389b8 |
| SHA1 | 482184ffbc0d9c538f60299e9afeae53fd0bfc01 |
| SHA256 | d926907b3d52601e94a80a69b6e28c8460c359c2f47510610eea25ee26056127 |
| SHA512 | ce6fd26b61e654d84a65ec45925cc8ed0659326494d7099e7c3793a7ac500b5f213e2731d98c70cbef76ddb102be60e6ddd53aca0ef92e0c59ae62505c188ae3 |
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\dfn8djy7.default-release\bookmarkbackups\bookmarks-2025-01-17_11_8VjzqSwmtqWutgfS4lkHNw==.jsonlz4
| MD5 | d09e0770c9a6098005e20c4cb7a240f7 |
| SHA1 | 1ac27e5428372e8a3567fced290a82ac275ed20e |
| SHA256 | 64385dd70b96360672a2d630a06b7e08f2616a225b9af955825836d9c7b73262 |
| SHA512 | 57f293a8ec263128d0e9c7aa951248695a7b92e808107b1ec442ac2cfdf06b77e21361a3c0c9931f1590bb18c7b8ea07932873ef5400cd495c909466789604de |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity
| MD5 | f7889c06c6bc847af78eb628a01eb9bb |
| SHA1 | 009dc3c33b04e634edd052851f54e651639cf5b6 |
| SHA256 | 5cb5fa671dc5484dba24b62e37a65c1e6aacdae99b09713318558d63727f40e4 |
| SHA512 | befd5d73dd92397ebe6e503fc6582372f0943ab302cd83132643f742b695bdb54866bfe1121082d33f9cf73f439b422939bc80f148b2add62583936bc6744fef |
C:\Program Files (x86)\Microsoft\EdgeCore\131.0.2903.146\Installer\setup.exe
| MD5 | e8e8b726812f34db032aca8b97d8ae7f |
| SHA1 | cfc2f7ddc42bcd55bc1de597dbd228faef9573c0 |
| SHA256 | 46e9e7a54c7cb4b0f6f3eba955827af81cfd62bc7ba2b374c21ba7e802d820a7 |
| SHA512 | f26ae84b91c2f3cfb8b531c4ddcee86e3a95744d4d52162b54b055827952c78c3fcd138f1508babbab68c04b87138a74d9b81ae7ccc6919b2c4f482f71dc1d6d |