Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\03bafe1c-bb9e-4714-adfd-856c201a05bd.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\0a6597e2-ad1e-42f3-b73f-d9ff0b9f4570.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\0b0453c1-db7a-45c6-bc86-7136e413c374.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\1f37626a-f07a-458f-b924-cf59f423cdd0.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\24f73c25-2e79-4f29-aa68-fd82f0d82252.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\27bd07da-2e66-42a1-bad9-f64bb25ad9c3.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\3814454f-a4ba-41e0-8968-dada57e15464.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\90b74960-7372-4ff6-ab24-72327f1d437b.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Ad Blocking\12a967e4-750f-4e1a-b9a3-05243902c9d8.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Ad Blocking\blocklist (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics-spare.pma (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics-spare.pma.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics\BrowserMetrics-66D3A684-158.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics\BrowserMetrics-66D3A684-1A78.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\throttle_store.dat
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\16913a56-e754-4ef9-bebc-a66e7a1e0148.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\182ff923-bd10-4faf-852c-4f7fe450e0b5.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\3968e333-5b4e-4179-a135-15ae8be7acb4.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\465eff51-4817-42b5-8986-9341fe67f8f9.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\98e7dfa7-ce0c-4cdb-91e6-02ddbf071816.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\000003.log
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\AssistanceHome\AssistanceHomeSQLite
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\f_000001
|
gzip compressed data, was "asset", last modified: Fri Aug 2 18:10:34 2024, max compression, original size modulo 2^32 374872
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeEDrop\EdgeEDropSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 14, database pages 8, cookie 0xe, schema 4, UTF-8,
version-valid-for 14
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 5
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\domains_config.json
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ExtensionActivityComp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 1, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ExtensionActivityEdge
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 8, cookie 0x8, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 10, cookie
0x8, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\History
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\History-journal
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\HubApps Icons
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Login Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network Action Predictor
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 11, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\4216ff82-abc8-4e9f-945a-6bc5dff601d1.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\8fd2b0f4-8d69-424e-b8af-de8dd9f85925.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Cookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Network Persistent State~RF3b47c.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 6
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\SCT Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\SCT Auditing Pending Reports~RF2939b.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Sdch Dictionaries (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Trust Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\a9e2c709-6898-4d97-be2e-17f252bff8b9.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\b57959e8-ea27-47d0-b8d2-b61332ab74c8.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\eb74e617-4c1b-4bac-a770-b0ef98afa83d.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences~RF32319.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences~RF39859.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\PreferredApps
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\README
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Secure Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Secure Preferences~RF2f3eb.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Shortcuts
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\temp-index
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\05514576-d86d-43d6-91f6-35aa7c67a4ed.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\25e6f6fc-d461-4221-acba-40c0ec534774.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\7c252622-cf06-4485-9a05-0de55b42d2a4.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\94f25aee-b7f4-4d65-a6b9-94221731832a.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State~RF3b4da.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Reporting
and NEL
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT
Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch
Dictionaries (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust
Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Top Sites
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Visited Links
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 4, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\WebAssistDatabase
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 7, cookie
0xb, schema 4, UTF-8, version-valid-for 10
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\arbitration_service_config.json
|
ASCII text, with very long lines (3951), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\d484f8b2-3240-441b-ad39-cfa2c44b9e72.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\e664efa8-bb0f-4901-9560-e69f9c5b2ca0.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\heavy_ad_intervention_opt_out.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 4, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db
|
SQLite 3.x database, last written using SQLite version 3042000, writer version 2, read version 2, file counter 1, database
pages 1, cookie 0, schema 0, unknown 0 encoding, version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-journal
|
SQLite Rollback Journal
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-shm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-wal
|
SQLite Write-Ahead Log, version 3007000
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\000003.log
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF28533.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF286d9.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF28737.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF2ae57.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF2d874.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF31a9d.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF34c0e.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF370fb.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF3981a.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF3f8e8.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSettings
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSynchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSynchronousLookupUris_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\edgeSettings
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\edgeSettings_2.0-0
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\synchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\topTraffic
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Variations
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\cb3376bd-8da9-44c4-ab98-846b8461b4d2.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\d7c25488-3b75-49de-939a-cb16937105a1.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\dd6a7900-6591-4a40-953b-90478f05b0a5.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\dfd0e9d4-e899-4ece-ae22-1ea2e7f0f2db.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\1e14afe9-e6a4-4644-8408-9450dbc39397.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\1e4e5a6d-f7ea-47ee-8c95-311d7a122cea.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\2d43bd36-bbcb-4ab9-acc1-53a88ea65556.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\3a645a9e-7866-4cff-9988-a2c03f9628d4.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\4819995f-5181-45d4-a862-dbf2dc38d009.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\752d8b50-a12f-4905-b9a1-0b234b220244.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\7e0c2793-c63b-4e41-9733-73a621b76369.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\91027bf2-814a-4262-b67c-76bc82f369b6.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\92186860-059b-4cbe-8b8f-2b89d71d1fea.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\c381af7f-3cc2-44a1-b4e5-999601221954.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D3A698-2380.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D3A6A0-4EC.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D3A6A8-2088.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D3A6B5-1F94.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\CrashpadMetrics-active.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\0d1338dd-76c8-4006-999b-017901ba0e76.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\0ea10f97-06fc-41d5-bad7-db1f80573326.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\23c9c306-f493-430c-8634-ab5a3e629f0c.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\90233894-e407-40c7-b366-5d37704e1251.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AssistanceHome\AssistanceHomeSQLite
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeEDrop\EdgeEDropSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 14, database pages 8, cookie 0xe, schema 4, UTF-8,
version-valid-for 14
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 5
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ExtensionActivityComp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 1, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ExtensionActivityEdge
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 8, cookie 0x8, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 39, 1st free page 10, free
pages 4, cookie 0x45, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 28, cookie
0x1d, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 11, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\1f9c9225-f25e-4ec6-9fdc-b6cec41f00af.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\47f2d0a1-37af-4310-9bc8-538e6642f44d.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\987ced2f-256e-404f-83cc-25611b150211.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF3008e.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF3ecc2.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3035005, file counter 4, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF2d9bc.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF2e48a.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity~RF3008e.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Trust Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\a1cd54cb-06e1-45b3-b5d7-1b1b5a3f7a11.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\be68c1a9-1f32-4ae4-a8e1-ec15092f8b99.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\ceaea818-1291-4598-8650-3497b470de5b.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\d1e69988-77bc-4862-9ca3-61cf295a47c3.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3542c.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3e3aa.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\PreferredApps
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF33886.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\506f49a2-a12e-4a91-ada0-f929dc094c77.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\5070c605-1650-4d98-9bee-34a815735b66.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State~RF3fd1e.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Reporting
and NEL
|
SQLite 3.x database, last written using SQLite version 3035005, file counter 4, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT
Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT
Auditing Pending Reports~RF2e48a.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch
Dictionaries (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust
Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\ac82eb1c-f3af-4ab5-bf92-4ccd8a81c967.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\b50a2806-002f-4ef4-9e69-e0b6b95e22ff.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Top Sites
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 7, 1st free page 5, free pages
2, cookie 0x5, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 4, database pages 87, cookie
0x66, schema 4, UTF-8, version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json
|
ASCII text, with very long lines (3951), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\b4e1bbf5-20ec-46e3-8265-ecc2c033eb25.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c072d0e7-f0ed-4946-9362-e7cc246311e1.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\fd97f140-bee9-4624-8861-aafba386d2c9.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 4, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2d269.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2f199.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2f1e8.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2f1f7.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF31250.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF31260.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF345d4.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3bbfe.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3e31e.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF40a2e.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF43332.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_3
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSynchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSynchronousLookupUris_0
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-0
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\a6542511-ab2f-4082-ae01-8db199af1171.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\b00010bc-f3c7-48e9-9f4d-24530f80467a.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\bb07e2fd-43d4-4c43-a6d4-c6fa2a6e174d.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5e0b2c98-fd8a-46b4-97f5-9ab3c5dafc65.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7f88bc31-0c42-4289-8b1f-24ba851e3ca2.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\8fbd174d-c7c3-47e9-a98c-cb26a804135f.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\cv_debug.log
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\f70ef61b-b90b-4245-bea7-31e176816acf.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_1456613435\7f88bc31-0c42-4289-8b1f-24ba851e3ca2.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_1456613435\CRX_INSTALL\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_1456613435\CRX_INSTALL\content.js
|
Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_1456613435\CRX_INSTALL\content_new.js
|
Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_1456613435\CRX_INSTALL\manifest.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\8fbd174d-c7c3-47e9-a98c-cb26a804135f.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\af\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\am\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\ar\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\az\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\be\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\bg\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\bn\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\ca\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\cs\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\cy\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\da\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\de\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\el\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\en\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\en_CA\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\en_GB\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\en_US\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\es\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\es_419\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\et\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\eu\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\fa\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\fi\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\fil\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\fr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\fr_CA\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\gl\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\gu\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\hi\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\hr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\hu\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\hy\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\id\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\is\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\it\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\iw\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\ja\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\ka\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\kk\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\km\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\kn\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\ko\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\lo\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\lt\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\lv\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\ml\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\mn\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\mr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\ms\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\my\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\ne\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\nl\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\no\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\pa\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\pl\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\pt_BR\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\pt_PT\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\ro\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\ru\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\si\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\sk\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\sl\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\sr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\sv\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\sw\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\ta\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\te\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\th\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\tr\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\uk\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\ur\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\vi\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\zh_CN\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\zh_HK\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\zh_TW\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_locales\zu\messages.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\dasherSettingSchema.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\manifest.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\offscreendocument.html
|
HTML document, ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\offscreendocument_main.js
|
ASCII text, with very long lines (4369)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\page_embed_script.js
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir9088_866148050\CRX_INSTALL\service_worker_bin_prod.js
|
ASCII text, with very long lines (4369)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\875a60a09683c344.customDestinations-ms (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\I9PRC721EAAP6P91ACIH.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\OHSW5UYIO8MAINXC1JMG.temp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms (copy)
|
data
|
dropped
|
There are 512 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI
--disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=2008,i,5833191931031966787,11974390165004238764,262144
--disable-features=TranslateUI /prefetch:3
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI
--disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
--flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2244 --field-trial-handle=1804,i,18184782994043633640,12395179096115929868,262144
--disable-features=TranslateUI /prefetch:3
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService
--lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7268 --field-trial-handle=1804,i,18184782994043633640,12395179096115929868,262144
--disable-features=TranslateUI /prefetch:8
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor
--lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7640 --field-trial-handle=1804,i,18184782994043633640,12395179096115929868,262144
--disable-features=TranslateUI /prefetch:8
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7824 --field-trial-handle=1804,i,18184782994043633640,12395179096115929868,262144
--disable-features=TranslateUI /prefetch:8
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7824 --field-trial-handle=1804,i,18184782994043633640,12395179096115929868,262144
--disable-features=TranslateUI /prefetch:8
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2804 --field-trial-handle=2776,i,10210569004734922129,3048049955539561907,262144
/prefetch:3
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService
--lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=4388 --field-trial-handle=2776,i,10210569004734922129,3048049955539561907,262144
/prefetch:8
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=6096 --field-trial-handle=2776,i,10210569004734922129,3048049955539561907,262144
/prefetch:8
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=6096 --field-trial-handle=2776,i,10210569004734922129,3048049955539561907,262144
/prefetch:8
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2284 --field-trial-handle=2084,i,16719056843521875255,13518431660041794610,262144
/prefetch:3
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=1948 --field-trial-handle=2092,i,17085435103752643681,17795961976953740855,262144
/prefetch:3
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
|
|
|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=2088,i,17697685816420570348,13963450996301655899,262144
/prefetch:3
|
|
There are 10 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://www.office.com/
|
unknown
|
||
|
https://chrome.cloudflare-dns.com
|
unknown
|
||
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://msn.com
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://drive-daily-2.corp.google.com/
|
unknown
|
||
|
https://drive-autopush.corp.google.com/
|
unknown
|
||
|
https://drive-daily-4.corp.google.com/
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://www.office.com/Office
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://drive-daily-1.corp.google.com/
|
unknown
|
||
|
https://drive-daily-5.corp.google.com/
|
unknown
|
||
|
https://www.google.com/favicon.ico
|
142.250.72.100
|
||
|
https://docs.google.com/
|
unknown
|
||
|
https://bzib.nelreports.net/api/report?cat=bingbusiness
|
unknown
|
||
|
https://chrome.cloudflare-dns.com/dns-query
|
172.64.41.3
|
||
|
https://drive-staging.corp.google.com/
|
unknown
|
||
|
https://www.google.com/chrome
|
unknown
|
||
|
https://drive-daily-6.corp.google.com/
|
unknown
|
||
|
https://drive.google.com/
|
unknown
|
||
|
https://drive-daily-0.corp.google.com/
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://chromewebstore.google.com/
|
unknown
|
||
|
https://drive-preprod.corp.google.com/
|
unknown
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://chrome.google.com/webstore/
|
unknown
|
||
|
https://myaccount.google.com/signinoptions/passwordC:
|
unknown
|
||
|
https://clients2.googleusercontent.com/crx/blobs/AY4GWKBMNax_FQrZEVzNkO_0mu3UShnzR6AihR_EPjVIUOT_pwZzkWCpOk8YKIu0qnIq_YObWXuPyiJ7NA0nDjMHUEYIIEknsNvJHXuPd0MqxESzoxi9xiMyJKNwZiVV1yEAxlKa5UVe61sINARQ7fO9dE0bkfP_W4GG/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_80_1_0.crx
|
142.250.186.161
|
||
|
https://drive-daily-3.corp.google.com/
|
unknown
|
There are 21 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
chrome.cloudflare-dns.com
|
162.159.61.3
|
||
|
googlehosted.l.googleusercontent.com
|
142.250.186.161
|
||
|
s-part-0032.t-0009.t-msedge.net
|
13.107.246.60
|
||
|
sni1gl.wpc.nucdn.net
|
152.199.21.175
|
||
|
s-part-0029.t-0009.t-msedge.net
|
13.107.246.57
|
||
|
clients2.googleusercontent.com
|
unknown
|
||
|
bzib.nelreports.net
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
13.107.246.57
|
s-part-0029.t-0009.t-msedge.net
|
United States
|
||
|
142.250.186.161
|
googlehosted.l.googleusercontent.com
|
United States
|
||
|
152.195.19.97
|
unknown
|
United States
|
||
|
142.250.176.206
|
unknown
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
13.107.246.60
|
s-part-0032.t-0009.t-msedge.net
|
United States
|
||
|
142.250.81.238
|
unknown
|
United States
|
||
|
162.159.61.3
|
chrome.cloudflare-dns.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
142.250.72.100
|
unknown
|
United States
|
||
|
172.64.41.3
|
unknown
|
United States
|
There are 1 hidden IPs, click here to show them.
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
MicrosoftEdgeAutoLaunch_5736606B9E4AF5D84DA5A728AAAD52EB
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
MicrosoftEdgeAutoLaunch_C366A24065C39A1BE76E148DC2D0A868
|
|
|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
metricsid
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
metricsid_installdate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
metricsid_enableddate
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
media.cdm.origin_data
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PrefsLightweight
|
lw_a5d6a53e96afdef13bf25bb88d9341c7
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\Clients\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\Commands\on-logon-autolaunch
|
Enabled
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
|
ProfileErrorState
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles
|
EnhancedLinkOpeningDefault
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.account_id
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.last_username
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.last_account_id
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
version
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PrefsLightweight
|
lw_13bbe73648289fe96dfa1aa1bf23b3da
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
|
ShortcutName
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ghbmnnjooekpmoecnnnilnnbdlolhkhi
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ghbmnnjooekpmoecnnnilnnbdlolhkhi
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jmjflgjpcpepeafmmgdpfkogkghcpiha
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
There are 100 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
AAA000
|
stack
|
page read and write
|
||
|
26C000
|
unkown
|
page read and write
|
||
|
1A1000
|
unkown
|
page execute read
|
||
|
274000
|
unkown
|
page readonly
|
||
|
15B2000
|
heap
|
page read and write
|
||
|
15B5000
|
heap
|
page read and write
|
||
|
23C000
|
unkown
|
page readonly
|
||
|
11CE000
|
stack
|
page read and write
|
||
|
B10000
|
heap
|
page read and write
|
||
|
1360000
|
heap
|
page read and write
|
||
|
11BF000
|
stack
|
page read and write
|
||
|
1A1000
|
unkown
|
page execute read
|
||
|
15B0000
|
heap
|
page read and write
|
||
|
11FF000
|
stack
|
page read and write
|
||
|
3850000
|
heap
|
page read and write
|
||
|
1588000
|
heap
|
page read and write
|
||
|
15B2000
|
heap
|
page read and write
|
||
|
15A3000
|
heap
|
page read and write
|
||
|
11DB000
|
stack
|
page read and write
|
||
|
BF0000
|
heap
|
page read and write
|
||
|
1370000
|
heap
|
page read and write
|
||
|
274000
|
unkown
|
page readonly
|
||
|
15B2000
|
heap
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
23C000
|
unkown
|
page readonly
|
||
|
1580000
|
heap
|
page read and write
|
||
|
1A0000
|
unkown
|
page readonly
|
||
|
26C000
|
unkown
|
page write copy
|
||
|
3854000
|
heap
|
page read and write
|
||
|
262000
|
unkown
|
page readonly
|
||
|
11EF000
|
stack
|
page read and write
|
||
|
1A0000
|
unkown
|
page readonly
|
||
|
262000
|
unkown
|
page readonly
|
||
|
270000
|
unkown
|
page write copy
|
There are 24 hidden memdumps, click here to show them.