Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\1b3d88c0-ab2a-48a5-a0c0-f217361cb455.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\1f438701-fdb5-484e-b9c9-665ba401b177.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\4b1aae65-9646-4cbd-b859-6708119ca477.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\53dad864-d7d1-4bca-b00e-d346fb88d045.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\646d0f8f-5b21-49c2-8306-b688e9a070c1.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\95c250be-2d80-4416-ab42-66f0ec5c0d22.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\9ba62745-0b23-4d96-b801-b5c543a9f470.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics-spare.pma (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics-spare.pma.tmp
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics\BrowserMetrics-66D0A3AF-580.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics\BrowserMetrics-66D0A3B0-A98.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\settings.dat
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\throttle_store.dat
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\3644440c-f6da-4d16-8b84-3b40725898b1.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\36f3149c-c249-4373-a2e1-9f042d28c24d.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\3931c9fb-2c94-41bd-82fb-de7ac27831bf.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\5715d350-d05b-4948-b9f7-2ab286f7804b.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\7758666c-e7b8-4ce9-9034-62e64f83dfd8.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\000003.log
|
data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\AssistanceHome\AssistanceHomeSQLite
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_0
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\f_000001
|
gzip compressed data, was "asset", last modified: Fri Aug 2 18:10:34 2024, max compression, original size modulo 2^32 374872
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeEDrop\EdgeEDropSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 14, database pages 8, cookie 0xe, schema 4, UTF-8,
version-valid-for 14
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 5
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\domains_config.json
|
JSON data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ExtensionActivityComp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 1, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ExtensionActivityEdge
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 8, cookie 0x8, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 10, cookie
0x8, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\History
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\History-journal
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\HubApps Icons
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Login Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network Action Predictor
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 11, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\04d17518-44e0-472a-a52f-3a16aced48ae.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\0bf814d7-d161-4b28-8158-ecb0bba980d9.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\273ea87a-c05e-41ed-8b72-51907fa9459b.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\3765af60-ffbf-4a10-a2ff-33c223eed38b.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\3a104fd9-623e-4ce8-82de-a36fcb02e076.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\7d43e5e5-9572-4c66-9c71-5f9002fe16c7.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Cookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Network Persistent State~RF259de.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Network Persistent State~RF31752.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 6
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\SCT Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\SCT Auditing Pending Reports~RF1f577.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Sdch Dictionaries (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Trust Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences~RF2863d.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences~RF2fb7d.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\PreferredApps
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\README
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Secure Preferences (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Secure Preferences~RF25598.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Shortcuts
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\5853d932-7489-42f4-8f31-0b8bc9f68be9.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\83f9f307-9fa3-4292-aa45-24910e6bc75b.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\9fe86c57-e7b0-4519-95be-1ae88e922369.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State~RF259de.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State~RF31752.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Reporting
and NEL
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT
Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch
Dictionaries (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust
Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\ec33c06a-9204-43bc-950e-8f3e800b98ad.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\fbe2d1bf-b7a6-46ff-a8e7-c5669a370125.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Top Sites
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Visited Links
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 4, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 4
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\WebAssistDatabase
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 7, cookie
0xb, schema 4, UTF-8, version-valid-for 10
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\a49cac97-35a7-49a2-899d-5f4fa84a8eb0.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\arbitration_service_config.json
|
ASCII text, with very long lines (3951), with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\d88efbde-23b8-4da6-8f1e-76946e5725b1.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\heavy_ad_intervention_opt_out.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 4, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db
|
SQLite 3.x database, last written using SQLite version 3042000, writer version 2, read version 2, file counter 1, database
pages 1, cookie 0, schema 0, unknown 0 encoding, version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-journal
|
SQLite Rollback Journal
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-shm
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-wal
|
SQLite Write-Ahead Log, version 3007000
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\000003.log
|
data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Last Browser
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF1e8a5.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF1e8b5.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF1ea6a.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF1eaa9.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF211b9.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF2599f.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF2d43e.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF2fb5d.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF344f9.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSettings
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSynchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSynchronousLookupUris_0
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\edgeSettings
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\edgeSettings_2.0-0
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\synchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\topTraffic
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Variations
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\c19e4566-a6d8-4e18-ba9e-c805fbb19cfd.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\cf4b2502-ca5b-4701-98e8-37836f8db63f.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\f2fd950d-e59c-4998-83b6-8ffc433e9cfd.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\6466ebb9-7c6c-4bb4-9383-317de9cfdbc5.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\70ea84a5-9902-4394-867f-6357ba4fef71.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\7f1a0d9e-96b3-41ea-8427-7f8ee0703734.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\9972b95c-7deb-4d5c-8fe7-34b65c888089.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D0A3C2-19D0.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D0BD80-1DD4.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\0e0750a8-166f-4118-bd83-2f754ddd55b9.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\65e90864-a99a-4d13-bef4-09d189ed2f41.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old~RF24feb.TMP (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old~RF25049.TMP (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\4821ed8d-cecd-463d-a9a2-05714c017d2e.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\4891e647-d12e-4755-a269-b3d3c9f40c61.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF250a6.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old~RF25058.TMP (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old~RF24f7d.TMP (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 9, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 9
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\aebcf912-4c7c-4945-8575-7b98c139c744.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c6a0ed54-9cba-4b31-a379-1b2f281ddd95.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\eeadeb4f-695d-4a06-a8a8-d353cca3b6df.tmp
|
JSON data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\f4bbacee-d4cf-4273-a05b-f6825bc5656e.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db
|
SQLite 3.x database, last written using SQLite version 3042000, writer version 2, read version 2, file counter 8, database
pages 11, cookie 0x7, schema 4, UTF-8, version-valid-for 8
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF23186.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2331c.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF23454.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF25029.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF25077.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF250a6.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1
|
data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\bed76ed2-7432-4783-9cf6-e7de0ec2d86d.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\d0494b35-0c63-42ed-a7c8-3c39beed892d.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\chrome_PuffinComponentUnpacker_BeginUnzipping2712_851266713\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\chrome_PuffinComponentUnpacker_BeginUnzipping2712_851266713\manifest.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\chrome_PuffinComponentUnpacker_BeginUnzipping2712_851266713\protocols.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\cv_debug.log
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\875a60a09683c344.customDestinations-ms (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\HF6MJNJ8ATUJK83V4LF7.temp
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\IE22EI202G9AI34E7M0B.temp
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms (copy)
|
data
|
dropped
|
There are 289 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI
--disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2152 --field-trial-handle=2108,i,7710264983636281153,5119054965228980513,262144
--disable-features=TranslateUI /prefetch:3
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI
--disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
--flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=2100,i,1885348496410649633,9285471005895090872,262144
--disable-features=TranslateUI /prefetch:3
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService
--lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=3324 --field-trial-handle=2100,i,1885348496410649633,9285471005895090872,262144
--disable-features=TranslateUI /prefetch:8
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor
--lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6256 --field-trial-handle=2100,i,1885348496410649633,9285471005895090872,262144
--disable-features=TranslateUI /prefetch:8
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=2140,i,6801917156771722209,6087489757711729190,262144
/prefetch:3
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService
--lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=2104 --field-trial-handle=2140,i,6801917156771722209,6087489757711729190,262144
/prefetch:8
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2864 --field-trial-handle=2916,i,18081880558006340176,11351080329175143396,262144
/prefetch:3
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService
--lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=3520 --field-trial-handle=2916,i,18081880558006340176,11351080329175143396,262144
/prefetch:8
|
There are 3 hidden processes, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://www.office.com/
|
unknown
|
||
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
https://bzib.nelreports.net/api/report?cat=bingbusiness
|
23.44.133.38
|
||
https://duckduckgo.com/ac/?q=
|
unknown
|
||
https://chrome.cloudflare-dns.com/dns-query
|
162.159.61.3
|
||
https://msn.com
|
unknown
|
||
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
https://.onedrive.live.com
|
unknown
|
||
https://.onedrive.com
|
unknown
|
||
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
https://www.office.com/Office
|
unknown
|
||
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
https://sharepoint.com
|
unknown
|
||
https://myaccount.google.com/signinoptions/passwordC:
|
unknown
|
||
https://myaccount.google.com/signinoptions/password
|
unknown
|
||
https://www.google.com/favicon.ico
|
142.251.40.164
|
There are 7 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
chrome.cloudflare-dns.com
|
172.64.41.3
|
||
s-part-0045.t-0009.t-msedge.net
|
13.107.246.73
|
||
bzib.nelreports.net
|
unknown
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
13.107.246.73
|
s-part-0045.t-0009.t-msedge.net
|
United States
|
||
142.251.179.84
|
unknown
|
United States
|
||
192.168.2.7
|
unknown
|
unknown
|
||
192.168.2.16
|
unknown
|
unknown
|
||
142.250.81.238
|
unknown
|
United States
|
||
142.251.40.164
|
unknown
|
United States
|
||
162.159.61.3
|
unknown
|
United States
|
||
142.251.40.110
|
unknown
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
||
23.44.133.38
|
unknown
|
United States
|
||
172.64.41.3
|
chrome.cloudflare-dns.com
|
United States
|
There are 1 hidden IPs, click here to show them.
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
metricsid
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
metricsid_installdate
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PrefsLightweight
|
lw_57183dd86646495f169193446e73ae6e
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
MicrosoftEdgeAutoLaunch_C327D06BE457E5CC9900222A896CFE4D
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
media.cdm.origin_data
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.reporting
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
media.storage_id_salt
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.account_id
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.last_username
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
pinned_tabs
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
search_provider_overrides
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.last_account_id
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
session.startup_urls
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
session.restore_on_startup
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
browser.show_home_button
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
homepage
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
|
ShortcutName
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
There are 69 hidden registries, click here to show them.
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
2CC000
|
unkown
|
page readonly
|
||
2F2000
|
unkown
|
page readonly
|
||
1800000
|
heap
|
page read and write
|
||
F80000
|
heap
|
page read and write
|
||
1850000
|
heap
|
page read and write
|
||
1883000
|
heap
|
page read and write
|
||
F1A000
|
stack
|
page read and write
|
||
FF4000
|
heap
|
page read and write
|
||
304000
|
unkown
|
page readonly
|
||
230000
|
unkown
|
page readonly
|
||
230000
|
unkown
|
page readonly
|
||
300000
|
unkown
|
page write copy
|
||
15CF000
|
stack
|
page read and write
|
||
2CC000
|
unkown
|
page readonly
|
||
17B0000
|
heap
|
page read and write
|
||
1885000
|
heap
|
page read and write
|
||
2FC000
|
unkown
|
page read and write
|
||
15EF000
|
stack
|
page read and write
|
||
231000
|
unkown
|
page execute read
|
||
231000
|
unkown
|
page execute read
|
||
1880000
|
heap
|
page read and write
|
||
15DB000
|
stack
|
page read and write
|
||
304000
|
unkown
|
page readonly
|
||
15BF000
|
stack
|
page read and write
|
||
FD0000
|
heap
|
page read and write
|
||
2FC000
|
unkown
|
page write copy
|
||
FF0000
|
heap
|
page read and write
|
||
1858000
|
heap
|
page read and write
|
||
15FF000
|
stack
|
page read and write
|
||
2F2000
|
unkown
|
page readonly
|
||
16D0000
|
heap
|
page read and write
|
There are 21 hidden memdumps, click here to show them.