Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\028b2604-954e-4881-8073-b496fcea600d.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\129618f1-61e7-4148-a0df-41719c74ce70.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\1faec218-0ebf-4651-9b9b-55a613986089.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\5e195fbc-e770-4a3e-b564-965795c1cc88.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\7e8b4564-6ad0-433a-b11b-9b81061981ed.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\850d6b3a-ebd4-4ce7-a792-fffac87e1160.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\979bd243-a712-42a3-a2af-0f2e2fe8b222.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Ad Blocking\b130fc92-2212-4491-80d2-e8e26f305032.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Ad Blocking\blocklist (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics-spare.pma (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics-spare.pma.tmp
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics\BrowserMetrics-66CEF304-1558.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics\BrowserMetrics-66CEF305-1C5C.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\settings.dat
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\throttle_store.dat
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\1ed43701-8a60-45d1-8457-6b5fb10faa26.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\546f0035-47c1-43e9-a3d2-1257c9a99ba8.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\6e8b79c9-5196-40a7-b873-16ec8458ea2f.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\000003.log
|
data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\AssistanceHome\AssistanceHomeSQLite
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_0
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\f_000001
|
gzip compressed data, was "asset", last modified: Fri Aug 2 18:10:34 2024, max compression, original size modulo 2^32 374872
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeEDrop\EdgeEDropSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 14, database pages 8, cookie 0xe, schema 4, UTF-8,
version-valid-for 14
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 5
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
|
data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\domains_config.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ExtensionActivityComp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 1, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ExtensionActivityEdge
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 8, cookie 0x8, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 10, cookie
0x8, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\History
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\History-journal
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\HubApps Icons
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Login Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network Action Predictor
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 11, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\0ca52be4-b4b0-4fd4-8a26-74a6f3a5211d.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\0ebb717f-5fe4-4ffb-9757-dbdb39077330.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\8574c4a1-d290-4ce4-9049-dca18ce9f875.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Cookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Network Persistent State~RF459d4.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 6
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\SCT Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\SCT Auditing Pending Reports~RF337ca.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Sdch Dictionaries (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Trust Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\bbb2d495-2abc-443a-be9f-e86e41213a06.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\c1abacaa-d8f6-4b46-9039-19399492ac6a.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences~RF3c843.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences~RF43d73.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\PreferredApps
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\README
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Secure Preferences (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Secure Preferences~RF39869.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Shortcuts
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\4953c400-06ff-40c9-b0f9-943a7a55dbc3.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\544e72fb-c97f-4f35-9e6e-f27134bf7a46.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\609ef57d-b6a6-4786-897e-84ec6f88ba04.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State~RF459e4.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Reporting
and NEL
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT
Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch
Dictionaries (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust
Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\d7891b5d-a82c-497f-a3b3-6fc23d005c15.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Top Sites
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Visited Links
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 4, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 4
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\WebAssistDatabase
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 7, cookie
0xb, schema 4, UTF-8, version-valid-for 10
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\arbitration_service_config.json
|
ASCII text, with very long lines (3951), with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\b9e5c1c4-7bbe-403e-97dd-f16cbb9a8dbc.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\c4463a87-1fa3-4786-9c89-ff3ebac20df5.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\d1a0156b-49bc-4a2a-95b8-9ca25878bfd2.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ee448764-e91c-4053-a7b5-4040e33ef39a.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\heavy_ad_intervention_opt_out.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 4, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db
|
SQLite 3.x database, last written using SQLite version 3042000, writer version 2, read version 2, file counter 1, database
pages 1, cookie 0, schema 0, unknown 0 encoding, version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-journal
|
SQLite Rollback Journal
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-shm
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-wal
|
SQLite Write-Ahead Log, version 3007000
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\000003.log
|
data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Last Browser
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF329ff.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF32a0f.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF32cbe.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF32cce.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF353af.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF393d5.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF41624.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF43d44.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF48614.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF5072b.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSettings
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSynchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSynchronousLookupUris_0
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\edgeSettings
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\edgeSettings_2.0-0
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\synchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\topTraffic
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Variations
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\a35d8489-6425-43be-b47b-7e3c7daab033.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\a8460ac4-5267-4c51-be03-90308f19bfda.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\c7b8b970-b94d-4462-82fb-940f5c562e50.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\e5efb0a9-6914-4f12-8041-6df5f92dc0f8.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\0c7fc985-d611-41ce-ba68-4f3de115a314.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\21d77725-e873-4bb6-97d2-0029bc1f9f0d.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\64354878-b993-4d1a-bc79-9e628b810107.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\78b53755-68e8-455e-bf6f-c8b90438e93d.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\7d1e5180-e2fb-455a-b721-4ff050021daf.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\9cd17aaf-1ffd-4196-b399-3bda3098d725.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66CEF31E-2468.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\4720b1fd-bc9f-4ab4-b3ed-d3fc68b1a4af.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\864f21ac-f622-49d1-b879-c65ade14d1ce.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\89efa816-f860-443a-bb16-c453af0f9121.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\9476c6d7-9260-43b0-a97b-aec97e1f5f5c.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old~RF38d0e.TMP (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old~RF38d7c.TMP (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\4fded1fb-4851-4ed6-a2a6-07d52b115347.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\57577e81-d3e7-4c26-94e2-6d29e796d6c9.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\83486188-1a10-4040-8196-7d8aa36a6e5a.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF38ed3.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF38ed3.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\d8bde7f4-1439-4bd2-8931-6f9193c39298.tmp
|
JSON data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF38e37.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old~RF38d6c.TMP (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\07709de8-3f72-49ec-8095-fe2823f9f67d.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT
Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust
Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\a50cf51e-1b1c-474a-b3ca-456cb7c14f21.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old~RF38d0e.TMP (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 10
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c2a647a4-2e7d-4fbb-a557-017deef5c595.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c70d43d3-6e2e-44ae-8f5a-fea7f2ecf3f7.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\f705b971-5de6-4ee2-b9e6-42f24008fdbe.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
|
SQLite 3.x database, last written using SQLite version 3042000, writer version 2, read version 2, file counter 8, database
pages 11, cookie 0x7, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old~RF38d5c.TMP (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old~RF38d4d.TMP (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF36c96.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF36dde.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF36ea9.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF38d5c.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF38dab.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF38e28.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1
|
data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\a6146928-38f2-4dce-818b-3b08a53fd420.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\chrome_PuffinComponentUnpacker_BeginUnzipping7260_429672752\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\chrome_PuffinComponentUnpacker_BeginUnzipping7260_429672752\manifest.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\chrome_PuffinComponentUnpacker_BeginUnzipping7260_429672752\protocols.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\chrome_PuffinComponentUnpacker_BeginUnzipping7260_443118391\crl-set
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\chrome_PuffinComponentUnpacker_BeginUnzipping7260_443118391\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\chrome_PuffinComponentUnpacker_BeginUnzipping7260_443118391\manifest.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\cv_debug.log
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\875a60a09683c344.customDestinations-ms (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\9QYVBDTU455WMKW5E2ZU.temp
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\EQDQJJXGHYMA3X9DG81U.temp
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms (copy)
|
data
|
dropped
|
There are 311 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI
--disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1952,i,11849779078856253836,7449960238563698719,262144
--disable-features=TranslateUI /prefetch:3
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI
--disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
--flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2704 --field-trial-handle=2544,i,7579823385293257062,16357275342585865479,262144
--disable-features=TranslateUI /prefetch:3
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService
--lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=4040 --field-trial-handle=2544,i,7579823385293257062,16357275342585865479,262144
--disable-features=TranslateUI /prefetch:8
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor
--lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6912 --field-trial-handle=2544,i,7579823385293257062,16357275342585865479,262144
--disable-features=TranslateUI /prefetch:8
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2936 --field-trial-handle=2364,i,6176290936601016668,17070727847601013962,262144
/prefetch:3
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService
--lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=2896 --field-trial-handle=2364,i,6176290936601016668,17070727847601013962,262144
/prefetch:8
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2204 --field-trial-handle=2080,i,8600420615512392636,11898406338169848450,262144
/prefetch:3
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService
--lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=3596 --field-trial-handle=2080,i,8600420615512392636,11898406338169848450,262144
/prefetch:8
|
There are 3 hidden processes, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://www.office.com/
|
unknown
|
||
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
https://bzib.nelreports.net/api/report?cat=bingbusiness
|
23.54.161.105
|
||
https://duckduckgo.com/ac/?q=
|
unknown
|
||
https://chrome.cloudflare-dns.com/dns-query
|
162.159.61.3
|
||
https://msn.com
|
unknown
|
||
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
https://.onedrive.live.com
|
unknown
|
||
https://.onedrive.com
|
unknown
|
||
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
https://www.office.com/Office
|
unknown
|
||
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
https://sharepoint.com
|
unknown
|
||
https://www.google.com/favicon.ico
|
142.250.81.228
|
There are 5 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
chrome.cloudflare-dns.com
|
162.159.61.3
|
||
s-part-0032.t-0009.t-msedge.net
|
13.107.246.60
|
||
bzib.nelreports.net
|
unknown
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
142.251.179.84
|
unknown
|
United States
|
||
142.251.40.206
|
unknown
|
United States
|
||
192.168.2.16
|
unknown
|
unknown
|
||
192.168.2.4
|
unknown
|
unknown
|
||
13.107.246.60
|
s-part-0032.t-0009.t-msedge.net
|
United States
|
||
142.250.81.228
|
unknown
|
United States
|
||
192.168.2.5
|
unknown
|
unknown
|
||
162.159.61.3
|
chrome.cloudflare-dns.com
|
United States
|
||
23.54.161.105
|
unknown
|
United States
|
||
142.251.40.110
|
unknown
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
There are 1 hidden IPs, click here to show them.
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
metricsid
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
metricsid_installdate
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PrefsLightweight
|
lw_8b2c99fb8fe6c942191cb0c60151919b
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
MicrosoftEdgeAutoLaunch_E81D8DD3EACFA71E827377A4597DF902
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
media.cdm.origin_data
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.reporting
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
media.storage_id_salt
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.account_id
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.last_username
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
pinned_tabs
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
search_provider_overrides
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.last_account_id
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
session.startup_urls
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
session.restore_on_startup
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
browser.show_home_button
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
homepage
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
|
ShortcutName
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
There are 69 hidden registries, click here to show them.
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
CD1000
|
heap
|
page read and write
|
||
170000
|
unkown
|
page readonly
|
||
19E0000
|
heap
|
page read and write
|
||
170000
|
unkown
|
page readonly
|
||
A40000
|
heap
|
page read and write
|
||
232000
|
unkown
|
page readonly
|
||
CD4000
|
heap
|
page read and write
|
||
23C000
|
unkown
|
page read and write
|
||
171000
|
unkown
|
page execute read
|
||
AB0000
|
heap
|
page read and write
|
||
240000
|
unkown
|
page write copy
|
||
34A000
|
stack
|
page read and write
|
||
CA8000
|
heap
|
page read and write
|
||
171000
|
unkown
|
page execute read
|
||
CA0000
|
heap
|
page read and write
|
||
20C000
|
unkown
|
page readonly
|
||
244000
|
unkown
|
page readonly
|
||
3384000
|
heap
|
page read and write
|
||
232000
|
unkown
|
page readonly
|
||
9CF000
|
stack
|
page read and write
|
||
AC0000
|
heap
|
page read and write
|
||
9DB000
|
stack
|
page read and write
|
||
3B0000
|
heap
|
page read and write
|
||
9BF000
|
stack
|
page read and write
|
||
9EF000
|
stack
|
page read and write
|
||
3380000
|
heap
|
page read and write
|
||
9FF000
|
stack
|
page read and write
|
||
244000
|
unkown
|
page readonly
|
||
CD3000
|
heap
|
page read and write
|
||
23C000
|
unkown
|
page write copy
|
||
20C000
|
unkown
|
page readonly
|
There are 21 hidden memdumps, click here to show them.