Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
Logo Hotel Gabriela.svg
|
SVG Scalable Vector Graphics image
|
initial sample
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\26783c02-9f78-47ce-ac4a-0b3c2d005acd.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\27a4bbfc-6a48-43f8-832d-7629def98947.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\3425e8f7-9446-4739-b3b9-ce6536ca0829.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\9b7a22b9-4563-4b4a-95ae-bf9dcfe937af.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\9b93b0a3-41f4-458e-a3c4-0c1481da8a56.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\4ef7c579-9509-42d8-835c-8466b8814261.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-671A2D13-14EC.pma
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\0825b93b-15c8-411b-b075-e95e6bfab72f.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\14ba6640-29fc-4941-af92-6e9f7929ae5b.tmp
|
ASCII text, with very long lines (1597), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\3a9b9275-0520-46de-80d6-698d6ee50b61.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\3f2517e7-00a9-4b72-a5c8-1050ad171110.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\49bc3e62-226d-4796-8d9f-ae7047273c67.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\60419a10-09d1-4533-9194-5ed1845ccd36.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7f3d8570-d5db-4190-93e6-35865e1cdb34.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5,
schema 4, UTF-8, version-valid-for 5
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 6
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 2
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)
|
ASCII text, with very long lines (1597), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 12, cookie 0x3, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\019a4eb2-c76e-49bb-b4bc-407dfaf83981.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\470553a0-2a16-481a-9984-fa1c4269701d.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\4a722ea0-5add-463a-97cc-2f2532311226.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\4d34475c-85b5-4bae-b9dc-c593c863cbe6.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\9d60ba91-050a-4e66-89ba-958b4ef92b56.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF459e4.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 6
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF34893.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF36199.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\b3e54eb1-4e21-40bb-bc73-ea251b7316ce.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF38b78.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3d301.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF44831.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF38713.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13374242326391640
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\34f3905e-f257-494a-8e95-85457987b7b9.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\447eadaa-eaae-4706-9410-c13c3de9c6fe.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT
Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT
Auditing Pending Reports~RF36199.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch
Dictionaries (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust
Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\abb678d2-8ffe-49a7-b699-9a1e6304de2b.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\d80aea5d-8dc5-45da-9c8c-f616c78d0e5e.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie
0x36, schema 4, UTF-8, version-valid-for 10
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json
|
ASCII text, with very long lines (3951), with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c5cb51f0-d42b-498d-9f1e-dbb79b33bb6f.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\f23dd5e6-77d9-4ff3-a9db-cf2b5920fbc5.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
|
data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
|
ASCII text
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF33569.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF33578.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF336ef.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF35dff.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF447f2.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF4a4d7.TMP (copy)
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\e7b8e495-deed-40c1-8a1b-b2850f258c11.tmp
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\eebc590b-5dc1-4547-b0cd-7235c8684d26.tmp
|
JSON data
|
modified
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\5956b073-f210-4002-8760-bd0b6269068f.tmp
|
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\7b1f35d6-2b4f-4d68-b58d-2812b80c1107.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\94ba90db-49c8-49da-a17c-5a2cccdc6bf1.tmp
|
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 41900
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\95271c06-f195-45a9-a33c-73d55ef4d2df.tmp
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\cv_debug.log
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\e2a520b3-4cf4-430b-975b-a4c9ad8ebd4f.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5356_878672989\CRX_INSTALL\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5356_878672989\CRX_INSTALL\content.js
|
Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5356_878672989\CRX_INSTALL\content_new.js
|
Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5356_878672989\CRX_INSTALL\manifest.json
|
JSON data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scoped_dir5356_878672989\e2a520b3-4cf4-430b-975b-a4c9ad8ebd4f.tmp
|
Google Chrome extension, version 3
|
dropped
|
There are 131 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\user\Desktop\Logo Hotel Gabriela.svg
|
||
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2260 --field-trial-handle=2200,i,1754445458487421767,17533514281976796821,262144
/prefetch:3
|
||
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
--single-argument C:\Users\user\Desktop\Logo Hotel Gabriela.svg
|
||
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2808 --field-trial-handle=2408,i,8531811663938437510,5389753651461925342,262144
/prefetch:3
|
||
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService
--lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6576 --field-trial-handle=2408,i,8531811663938437510,5389753651461925342,262144
/prefetch:8
|
||
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor
--lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6828 --field-trial-handle=2408,i,8531811663938437510,5389753651461925342,262144
/prefetch:8
|
||
|
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker
--lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6336 --field-trial-handle=2408,i,8531811663938437510,5389753651461925342,262144
/prefetch:8
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
|
https://web.whatsapp.com
|
unknown
|
||
|
https://duckduckgo.com/ac/?q=
|
unknown
|
||
|
https://www.officeplus.cn/?sid=shoreline&endpoint=OPPC&source=OPCNshoreline
|
unknown
|
||
|
https://m.kugou.com/
|
unknown
|
||
|
https://www.office.com
|
unknown
|
||
|
https://outlook.live.com/mail/0/
|
unknown
|
||
|
https://www.last.fm/
|
unknown
|
||
|
https://powerpoint.new?from=EdgeM365Shoreline
|
unknown
|
||
|
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
|
https://tidal.com/
|
unknown
|
||
|
https://www.youtube.com
|
unknown
|
||
|
https://www.instagram.com
|
unknown
|
||
|
https://web.skype.com/?browsername=edge_canary_shoreline
|
unknown
|
||
|
https://gaana.com/
|
unknown
|
||
|
https://outlook.live.com/mail/compose?isExtension=true
|
unknown
|
||
|
https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=1
|
unknown
|
||
|
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
|
https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=2
|
unknown
|
||
|
https://www.messenger.com
|
unknown
|
||
|
https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge
|
unknown
|
||
|
https://outlook.office.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
|
unknown
|
||
|
https://outlook.office.com/mail/compose?isExtension=true
|
unknown
|
||
|
https://i.y.qq.com/n2/m/index.html
|
unknown
|
||
|
https://www.deezer.com/
|
unknown
|
||
|
https://latest.web.skype.com/?browsername=edge_canary_shoreline
|
unknown
|
||
|
https://word.new?from=EdgeM365Shoreline
|
unknown
|
||
|
https://web.telegram.org/
|
unknown
|
||
|
https://outlook.live.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
|
unknown
|
||
|
https://outlook.office.com/mail/0/
|
unknown
|
||
|
https://manifestdeliveryservice.edgebrowser.microsoft-staging-falcon.io/app/page-context-demo
|
unknown
|
||
|
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
|
https://m.soundcloud.com/
|
unknown
|
||
|
https://mail.google.com/mail/mu/mp/266/#tl/Inbox
|
unknown
|
||
|
https://music.amazon.com
|
unknown
|
||
|
https://vibe.naver.com/today
|
unknown
|
||
|
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
|
https://outlook.office.com/mail/inbox?isExtension=true&sharedHeader=1&client_flight=outlookedge
|
unknown
|
||
|
https://open.spotify.com
|
unknown
|
||
|
https://twitter.com/
|
unknown
|
||
|
https://excel.new?from=EdgeM365Shoreline
|
unknown
|
||
|
https://web.skype.com/?browsername=edge_stable_shoreline
|
unknown
|
||
|
https://www.onenote.com/stickynotesstaging?isEdgeHub=true
|
unknown
|
||
|
https://m.vk.com/
|
unknown
|
||
|
https://bzib.nelreports.net/api/report?cat=bingbusiness
|
23.218.232.186
|
||
|
https://chrome.cloudflare-dns.com/dns-query
|
162.159.61.3
|
||
|
https://www.google.com/chrome
|
unknown
|
||
|
https://www.tiktok.com/
|
unknown
|
||
|
https://www.onenote.com/stickynotes?isEdgeHub=true
|
unknown
|
||
|
https://www.iheart.com/podcast/
|
unknown
|
||
|
https://music.yandex.com
|
unknown
|
||
|
https://chromewebstore.google.com/
|
unknown
|
||
|
https://clients2.googleusercontent.com
|
unknown
|
||
|
https://www.onenote.com/stickynotes?isEdgeHub=true&auth=2
|
unknown
|
||
|
https://www.onenote.com/stickynotes?isEdgeHub=true&auth=1
|
unknown
|
||
|
https://chrome.google.com/webstore/
|
unknown
|
||
|
https://y.music.163.com/m/
|
unknown
|
||
|
https://clients2.googleusercontent.com/crx/blobs/AYA8VyyVmiyWvldTRU0qGaR4RUSL6-YrG6uKRsMPsRWu4uzTWsENQ0Oe4TwjJlNxU5Vx3wW0XCsKQHAJ2XkWCO0eQ7UF3N9B6xg6w6N4ZQ_ezL5_s1EfR63s25vMOuhpdI4AxlKa5cntVqVuAOGwNK_pRVduNn5fPIzZ/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_83_1_0.crx
|
142.250.186.97
|
||
|
https://bard.google.com/
|
unknown
|
There are 49 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
chrome.cloudflare-dns.com
|
162.159.61.3
|
||
|
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
|
94.245.104.56
|
||
|
s-part-0017.t-0009.fb-t-msedge.net
|
13.107.253.45
|
||
|
googlehosted.l.googleusercontent.com
|
142.250.186.97
|
||
|
clients2.googleusercontent.com
|
unknown
|
||
|
bzib.nelreports.net
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
23.198.7.175
|
unknown
|
United States
|
||
|
23.218.232.186
|
unknown
|
United States
|
||
|
13.107.246.57
|
unknown
|
United States
|
||
|
94.245.104.56
|
ssl.bingadsedgeextension-prod-europe.azurewebsites.net
|
United Kingdom
|
||
|
13.107.253.45
|
s-part-0017.t-0009.fb-t-msedge.net
|
United States
|
||
|
192.168.2.5
|
unknown
|
unknown
|
||
|
162.159.61.3
|
chrome.cloudflare-dns.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
23.218.232.182
|
unknown
|
United States
|
||
|
142.250.186.97
|
googlehosted.l.googleusercontent.com
|
United States
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
freseenversion
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
freseen
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
|
is_dse_recommended
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
|
is_startup_page_recommended
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\132216
|
WindowTabManagerFileMappingId
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahokoikenoafgppiblgpenaaaolecifn
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
bhmhibnbialendcafinliemndanacfaj
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
bobbggphonhgdonfdibkfipfepfcildj
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ceaifoolopnigfpidlheoagpheiplgii
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
cjneempfhkonkkbcmnfdibgobmhbagaj
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dabfebgaghanlbehmkmaflipiohdimmc
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dcaajljecejllikfgbhjdgeognacjkkp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dmbljphlfghcnbohaoffiedmodfmkmol
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ehlmnljdoejdahfjdfobmpfancoibmig
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
eijpepilkjkofamihbmjcnihgpbebafj
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
enkoeamdnimieoooocohgbdajhhkajko
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fjngpfnaikknjdhkckmncgicobbkcnle
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
gbihlnbpmfkodghomcinpblknjhneknc
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
gbmoeijgfngecijpcnbooedokgafmmji
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
gcinnojdebelpnodghnoicmcdmamjoch
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
gecfnmoodchdkebjjffmdcmeghkflpib
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
gekagaaiohabmaknhkbaofhhedhelemf
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ghglcnachgghkhbafjogogiggghcpjig
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
hciemgmhplhpinoohcjpafmncmjapioh
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
hloomjjkinpbjldhobfkfdamkmikjmdo
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
hmlhageoffiiefnmojcgoagebofoifpl
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jbleckejnaboogigodiafflhkajdmpcl
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jgcbloklkllbkmkbfckchanipicejgah
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jlipacegilfgfpgkefbjcncbfcoeecgj
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jmjflgjpcpepeafmmgdpfkogkghcpiha
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jpfjdekhebcolnfkpicpciaknbgcdcbm
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
kfihiegbjaloebkmglnjnljoljgkkchm
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
khffkadolmfbdgahbabbhipadklfmhgf
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
kjncpkplfnolibapodobnnjfgmjmiaba
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
kkobcodijbdelbnhbfkkfncbeildnpie
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
kmojgmpmopiiagdfbilgognmlegkonbk
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkbndigcebkoaejohleckhekfmcecfja
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nnpnekncnhiglbokoiffmejlimgmgoam
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ofefcgjbeghpigppfmkologfjadafddi
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ojmnomejplkgljjhjindfoilnmobmihe
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
olkdlefmaniacnmgofabnpmomgcpdaip
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
olmhchkiafniffcaiciiomfdplnmklak
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
pencekojiebcjhifbkfdncgmmooepclc
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ppnnjfpaneghjbcepgedmlcgmfgkjhah
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
media.cdm.origin_data
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.reporting
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
media.storage_id_salt
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.account_id
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.last_username
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
pinned_tabs
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
search_provider_overrides
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.last_account_id
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
session.startup_urls
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
session.restore_on_startup
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
browser.show_home_button
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
homepage
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
There are 86 hidden registries, click here to show them.