IOC Report
close_790189870c9543725dc3f5a15fb25e46[2].svg

loading gif

Files

File Path
Type
Category
Malicious
close_790189870c9543725dc3f5a15fb25e46[2].svg
SVG Scalable Vector Graphics image
initial sample
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\27e5eee7-bdbc-4e14-a248-33659608df94.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\2dea48f2-2a87-49ae-aa5c-6f05f0563f06.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\50c4824e-48ea-4d54-8f86-d7e6dcca9646.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\724ad000-313f-4270-8b02-85ce99243135.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\7635bf29-8dfb-4f61-91af-919af14dad8f.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\8b8789ef-69bd-4f48-9066-947dd2973947.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\97607670-bd0c-45fe-9a4e-df322919c72b.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\01246223-41d4-4c19-9221-4697bf3e9674.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D0F193-1BD8.pma
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D0F193-C60.pma
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D0F1A6-226C.pma
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D0F1AE-2080.pma
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\CrashpadMetrics-active.pma
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\10202b9f-628d-4333-9fed-3fbf86ee154b.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\24cc1ebd-1436-48bc-943d-b2527f87515f.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\4fb3894d-7b49-4542-9fd2-b1a1d2f19108.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\61d516d0-44b6-47b9-9a88-15f174eeb89b.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log
data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AssistanceHome\AssistanceHomeSQLite
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_2
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_3
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeEDrop\EdgeEDropSQLite.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 14, database pages 8, cookie 0xe, schema 4, UTF-8, version-valid-for 14
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ExtensionActivityComp
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 1, cookie 0x1, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ExtensionActivityEdge
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 8, cookie 0x8, schema 4, UTF-8, version-valid-for 2
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 39, 1st free page 10, free pages 4, cookie 0x45, schema 4, UTF-8, version-valid-for 4
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 11, cookie 0x3, schema 4, UTF-8, version-valid-for 5
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 28, cookie 0x1d, schema 4, UTF-8, version-valid-for 2
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 11, cookie 0x6, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\1bcc7637-01b1-4912-943c-0164c61e8fad.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\362d4768-51d4-49e0-b227-b194827eb5d8.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\573d55e1-91e3-48dc-9819-6cef35b5789d.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\60a9a975-28b0-4034-9859-acf1d8ff7a08.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\669b22d7-f437-4638-a7e7-e475afc85702.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\827d7373-35d3-4eab-a3fc-45be14de0244.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\9e39eeda-dc61-4a39-b86c-e919d6320695.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF2c0a6.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF3ab16.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 6
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF29a04.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF2a3c8.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity~RF2c0b6.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Trust Tokens
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 2
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF30f05.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF338d4.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF397fb.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\PreferredApps
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF2f524.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13369442966520044
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_2
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_3
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_2
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_3
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\056dbc25-413d-47ae-897c-f311931f7b1a.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\29a92f43-db54-4d4e-8a6a-0dfd2629f55e.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\9884abcd-ab78-4d7c-b6e1-d02d5e684b5e.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State~RF3b910.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Reporting and NEL
SQLite 3.x database, last written using SQLite version 3035005, file counter 4, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 4
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF2a3c8.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 3
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\c888f010-b723-4b41-a9c3-9e8d7e8817af.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Top Sites
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 7, 1st free page 5, free pages 2, cookie 0x5, schema 4, UTF-8, version-valid-for 2
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 89, cookie 0x66, schema 4, UTF-8, version-valid-for 5
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebAssistDatabase
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 7, cookie 0xb, schema 4, UTF-8, version-valid-for 10
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\a4bfe118-19a1-47fc-a3db-4c16fdf3c50f.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json
ASCII text, with very long lines (3951), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c844c987-8e8b-418a-a74b-a256034525c4.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\d8c2c63a-c24e-4db9-935e-caeaaeba12dd.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\daadd6e8-2efd-413e-ac4a-1c8f78822b4e.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\dd63393f-be1c-4e04-81bf-1050acc4a28c.tmp
ASCII text, with very long lines (1597), with CRLF line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 4, cookie 0x2, schema 4, UTF-8, version-valid-for 2
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000001.dbtmp
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT (copy)
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
ASCII text
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\MANIFEST-000001
OpenPGP Secret Key
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_2
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_3
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_2
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_3
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF28449.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF28468.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF286d9.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF28718.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2adba.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2cedf.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2cf3d.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2cf4c.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2eebb.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2eeda.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF397ad.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3becd.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3f57d.TMP (copy)
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 2
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_0
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_2
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_3
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\index
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSynchronousLookupUris
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSynchronousLookupUris_0
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-0
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris
ASCII text, with no line terminators
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2
data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\adee9b7f-c207-47c5-a891-dec35b904e3b.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\aef466a1-901c-4a7b-991e-c2f274cbe14a.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\f28b3fb2-959f-47d0-9a78-78b3955b30ed.tmp
JSON data
modified
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\fd7c0032-8cf9-450c-8024-95a41dd7610e.tmp
JSON data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
data
dropped
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
data
dropped
C:\Users\user\AppData\Local\Temp\0c9a2e5a-1088-4e3a-8e65-64e6a3b86723.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\203df2ec-3003-4f41-97ed-0d50fc2537bf.tmp
very short file (no magic)
dropped
C:\Users\user\AppData\Local\Temp\47b686aa-98d2-4cde-9c91-6ba9040b42c7.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\748c948b-92b9-49f7-be0b-966992abc3f7.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\9e94c10a-6eb6-481c-a479-4ed00c8faffe.tmp
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
dropped
C:\Users\user\AppData\Local\Temp\cv_debug.log
JSON data
dropped
C:\Users\user\AppData\Local\Temp\fb3b5663-6e89-4e6a-923b-7a3b6754bb94.tmp
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 41902
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\47b686aa-98d2-4cde-9c91-6ba9040b42c7.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\128.png
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\af\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\am\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\ar\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\az\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\be\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\bg\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\bn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\ca\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\cs\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\cy\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\da\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\de\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\el\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\en\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\en_CA\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\en_GB\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\en_US\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\es\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\es_419\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\et\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\eu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\fa\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\fi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\fil\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\fr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\fr_CA\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\gl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\gu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\hi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\hr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\hu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\hy\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\id\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\is\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\it\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\iw\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\ja\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\ka\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\kk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\km\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\kn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\ko\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\lo\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\lt\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\lv\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\ml\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\mn\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\mr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\ms\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\my\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\ne\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\nl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\no\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\pa\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\pl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\pt_BR\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\pt_PT\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\ro\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\ru\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\si\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\sk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\sl\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\sr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\sv\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\sw\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\ta\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\te\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\th\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\tr\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\uk\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\ur\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\vi\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\zh_CN\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\zh_HK\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\zh_TW\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_locales\zu\messages.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\_metadata\verified_contents.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\dasherSettingSchema.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\manifest.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\offscreendocument.html
HTML document, ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\offscreendocument_main.js
ASCII text, with very long lines (4369)
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\page_embed_script.js
ASCII text
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1268502113\CRX_INSTALL\service_worker_bin_prod.js
ASCII text, with very long lines (4369)
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1405754002\748c948b-92b9-49f7-be0b-966992abc3f7.tmp
Google Chrome extension, version 3
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1405754002\CRX_INSTALL\_metadata\verified_contents.json
JSON data
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1405754002\CRX_INSTALL\content.js
Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1405754002\CRX_INSTALL\content_new.js
Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
dropped
C:\Users\user\AppData\Local\Temp\scoped_dir3168_1405754002\CRX_INSTALL\manifest.json
JSON data
dropped
There are 292 hidden files, click here to show them.

Processes

Path
Cmdline
Malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\user\Desktop\close_790189870c9543725dc3f5a15fb25e46[2].svg
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2112 --field-trial-handle=2000,i,5938193828967197103,15847169476225554251,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate --single-argument C:\Users\user\Desktop\close_790189870c9543725dc3f5a15fb25e46[2].svg
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2384 --field-trial-handle=2232,i,5777143487811511883,14929472616201104852,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6424 --field-trial-handle=2232,i,5777143487811511883,14929472616201104852,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6596 --field-trial-handle=2232,i,5777143487811511883,14929472616201104852,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7248 --field-trial-handle=2232,i,5777143487811511883,14929472616201104852,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7248 --field-trial-handle=2232,i,5777143487811511883,14929472616201104852,262144 /prefetch:8
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=2064,i,7583231872953787829,7140967329954936170,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
 malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=2012,i,16973597618292821115,2187613196241031377,262144 /prefetch:3
malicious
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6520 --field-trial-handle=2232,i,5777143487811511883,14929472616201104852,262144 /prefetch:8
malicious
There are 3 hidden processes, click here to show them.

URLs

Name
IP
Malicious
https://duckduckgo.com/chrome_newtab
unknown
https://web.whatsapp.com
unknown
https://duckduckgo.com/ac/?q=
unknown
https://www.officeplus.cn/?sid=shoreline&endpoint=OPPC&source=OPCNshoreline
unknown
https://m.kugou.com/
unknown
https://www.office.com
unknown
https://outlook.live.com/mail/0/
unknown
https://www.last.fm/
unknown
https://powerpoint.new?from=EdgeM365Shoreline
unknown
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
unknown
https://tidal.com/
unknown
https://docs.google.com/
unknown
https://www.youtube.com
unknown
https://www.instagram.com
unknown
https://web.skype.com/?browsername=edge_canary_shoreline
unknown
https://gaana.com/
unknown
https://drive-staging.corp.google.com/
unknown
https://drive.google.com/
unknown
https://outlook.live.com/mail/compose?isExtension=true
unknown
https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=1
unknown
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
unknown
https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=2
unknown
https://www.messenger.com
unknown
https://clients2.googleusercontent.com/crx/blobs/AVsOOGgL4EVsLTMzZa-C0yXaDVW5z6pCjWzx7YKwHb9PR6v117H2hbsZgQ2S3VrQetSMoK86b9iY-_-8nYIxIJD4BasJl9SD8IoqvPIbEK9wBlfqTusC6rL6yTYDfaVSn9sAxlKa5bRpPaxsFjcmEK7Nec5bVL7NZYhc/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_80_1_0.crx
172.217.18.1
https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge
unknown
https://outlook.office.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
unknown
https://outlook.office.com/mail/compose?isExtension=true
unknown
https://i.y.qq.com/n2/m/index.html
unknown
https://www.deezer.com/
unknown
https://latest.web.skype.com/?browsername=edge_canary_shoreline
unknown
https://word.new?from=EdgeM365Shoreline
unknown
https://www.office.com/
unknown
https://chrome.cloudflare-dns.com
unknown
https://web.telegram.org/
unknown
https://outlook.live.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
unknown
https://outlook.office.com/mail/0/
unknown
https://manifestdeliveryservice.edgebrowser.microsoft-staging-falcon.io/app/page-context-demo
unknown
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
unknown
https://m.soundcloud.com/
unknown
https://mail.google.com/mail/mu/mp/266/#tl/Inbox
unknown
https://drive-daily-2.corp.google.com/
unknown
https://drive-autopush.corp.google.com/
unknown
https://music.amazon.com
unknown
https://drive-daily-4.corp.google.com/
unknown
https://vibe.naver.com/today
unknown
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
unknown
https://outlook.office.com/mail/inbox?isExtension=true&sharedHeader=1&client_flight=outlookedge
unknown
https://www.office.com/Office
unknown
https://open.spotify.com
unknown
https://twitter.com/
unknown
https://drive-daily-1.corp.google.com/
unknown
https://excel.new?from=EdgeM365Shoreline
unknown
https://web.skype.com/?browsername=edge_stable_shoreline
unknown
https://www.onenote.com/stickynotesstaging?isEdgeHub=true
unknown
https://drive-daily-5.corp.google.com/
unknown
https://m.vk.com/
unknown
https://bzib.nelreports.net/api/report?cat=bingbusiness
23.44.133.57
https://chrome.cloudflare-dns.com/dns-query
162.159.61.3
https://www.google.com/chrome
unknown
https://www.tiktok.com/
unknown
https://drive-daily-6.corp.google.com/
unknown
https://drive-daily-0.corp.google.com/
unknown
https://www.onenote.com/stickynotes?isEdgeHub=true
unknown
https://www.iheart.com/podcast/
unknown
https://music.yandex.com
unknown
https://chromewebstore.google.com/
unknown
https://drive-preprod.corp.google.com/
unknown
https://clients2.googleusercontent.com
unknown
https://www.onenote.com/stickynotes?isEdgeHub=true&auth=2
unknown
https://www.onenote.com/stickynotes?isEdgeHub=true&auth=1
unknown
https://chrome.google.com/webstore/
unknown
https://y.music.163.com/m/
unknown
https://bard.google.com/
unknown
https://drive-daily-3.corp.google.com/
unknown
There are 64 hidden URLs, click here to show them.

Domains

Name
IP
Malicious
chrome.cloudflare-dns.com
162.159.61.3
googlehosted.l.googleusercontent.com
172.217.18.1
sni1gl.wpc.nucdn.net
152.199.21.175
s-part-0032.t-0009.t-msedge.net
13.107.246.60
clients2.googleusercontent.com
unknown
bzib.nelreports.net
unknown

IPs

IP
Domain
Country
Malicious
13.107.246.40
unknown
United States
152.195.19.97
unknown
United States
192.168.2.4
unknown
unknown
13.107.246.60
s-part-0032.t-0009.t-msedge.net
United States
172.217.18.1
googlehosted.l.googleusercontent.com
United States
192.168.2.5
unknown
unknown
162.159.61.3
chrome.cloudflare-dns.com
United States
239.255.255.250
unknown
Reserved
23.59.250.24
unknown
United States
23.44.133.57
unknown
United States
172.64.41.3
unknown
United States
There are 1 hidden IPs, click here to show them.

Registry

Path
Value
Malicious
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.cdm.origin_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PrefsLightweight
lw_13bbe73648289fe96dfa1aa1bf23b3da
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseenversion
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
freseen
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_dse_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Defaults
is_startup_page_recommended
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
lastrun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\66608
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\Clients\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\Commands\on-logon-autolaunch
Enabled
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
MicrosoftEdgeAutoLaunch_C366A24065C39A1BE76E148DC2D0A868
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
ShortcutName
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
ProfileErrorState
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles
EnhancedLinkOpeningDefault
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahokoikenoafgppiblgpenaaaolecifn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bhmhibnbialendcafinliemndanacfaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bobbggphonhgdonfdibkfipfepfcildj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ceaifoolopnigfpidlheoagpheiplgii
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
cjneempfhkonkkbcmnfdibgobmhbagaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dabfebgaghanlbehmkmaflipiohdimmc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dcaajljecejllikfgbhjdgeognacjkkp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dmbljphlfghcnbohaoffiedmodfmkmol
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ehlmnljdoejdahfjdfobmpfancoibmig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
eijpepilkjkofamihbmjcnihgpbebafj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
enkoeamdnimieoooocohgbdajhhkajko
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fjngpfnaikknjdhkckmncgicobbkcnle
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbihlnbpmfkodghomcinpblknjhneknc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbmoeijgfngecijpcnbooedokgafmmji
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gecfnmoodchdkebjjffmdcmeghkflpib
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gekagaaiohabmaknhkbaofhhedhelemf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghglcnachgghkhbafjogogiggghcpjig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hciemgmhplhpinoohcjpafmncmjapioh
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hloomjjkinpbjldhobfkfdamkmikjmdo
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hmlhageoffiiefnmojcgoagebofoifpl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jbleckejnaboogigodiafflhkajdmpcl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jlipacegilfgfpgkefbjcncbfcoeecgj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jpfjdekhebcolnfkpicpciaknbgcdcbm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kfihiegbjaloebkmglnjnljoljgkkchm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
khffkadolmfbdgahbabbhipadklfmhgf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kjncpkplfnolibapodobnnjfgmjmiaba
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kkobcodijbdelbnhbfkkfncbeildnpie
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kmojgmpmopiiagdfbilgognmlegkonbk
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkbndigcebkoaejohleckhekfmcecfja
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nnpnekncnhiglbokoiffmejlimgmgoam
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ofefcgjbeghpigppfmkologfjadafddi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olkdlefmaniacnmgofabnpmomgcpdaip
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olmhchkiafniffcaiciiomfdplnmklak
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
pencekojiebcjhifbkfdncgmmooepclc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ppnnjfpaneghjbcepgedmlcgmfgkjhah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahfgeienlihckogmohjhadlkjgocpleb
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ahokoikenoafgppiblgpenaaaolecifn
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bhmhibnbialendcafinliemndanacfaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
bobbggphonhgdonfdibkfipfepfcildj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ceaifoolopnigfpidlheoagpheiplgii
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
cjneempfhkonkkbcmnfdibgobmhbagaj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dabfebgaghanlbehmkmaflipiohdimmc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dcaajljecejllikfgbhjdgeognacjkkp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dgiklkfkllikcanfonkcabmbdfmgleag
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
dmbljphlfghcnbohaoffiedmodfmkmol
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ehlmnljdoejdahfjdfobmpfancoibmig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
eijpepilkjkofamihbmjcnihgpbebafj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
enkoeamdnimieoooocohgbdajhhkajko
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fikbjbembnmfhppjfnmfkahdhfohhjmg
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
fjngpfnaikknjdhkckmncgicobbkcnle
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbihlnbpmfkodghomcinpblknjhneknc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gbmoeijgfngecijpcnbooedokgafmmji
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gecfnmoodchdkebjjffmdcmeghkflpib
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
gekagaaiohabmaknhkbaofhhedhelemf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghbmnnjooekpmoecnnnilnnbdlolhkhi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ghglcnachgghkhbafjogogiggghcpjig
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hciemgmhplhpinoohcjpafmncmjapioh
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hloomjjkinpbjldhobfkfdamkmikjmdo
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
hmlhageoffiiefnmojcgoagebofoifpl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
iglcjdemknebjbklcgkfaebgojjphkec
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ihmafllikibpmigkcoadcmckbfhibefp
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jbleckejnaboogigodiafflhkajdmpcl
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jdiccldimpdaibmpdkjnbmckianbfold
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jlipacegilfgfpgkefbjcncbfcoeecgj
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jmjflgjpcpepeafmmgdpfkogkghcpiha
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
jpfjdekhebcolnfkpicpciaknbgcdcbm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kfihiegbjaloebkmglnjnljoljgkkchm
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
khffkadolmfbdgahbabbhipadklfmhgf
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kjncpkplfnolibapodobnnjfgmjmiaba
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kkobcodijbdelbnhbfkkfncbeildnpie
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
kmojgmpmopiiagdfbilgognmlegkonbk
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
mhjfbmdgcfjbbpaeojofohoefgiehjai
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ncbjelpjchkpbikbpkcchkhkblodoama
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkbndigcebkoaejohleckhekfmcecfja
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nkeimhogjdpnpccoofpliimaahmaaome
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
nnpnekncnhiglbokoiffmejlimgmgoam
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ofefcgjbeghpigppfmkologfjadafddi
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olkdlefmaniacnmgofabnpmomgcpdaip
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
olmhchkiafniffcaiciiomfdplnmklak
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
pencekojiebcjhifbkfdncgmmooepclc
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
ppnnjfpaneghjbcepgedmlcgmfgkjhah
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.reporting
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
media.storage_id_salt
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.prompt_wave
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_seed
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_username
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
default_search_provider_data.template_url_data
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
safebrowsing.incidents_sent
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
pinned_tabs
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
search_provider_overrides
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
edge.services.last_account_id
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
software_reporter.prompt_version
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.startup_urls
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
session.restore_on_startup
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
settings_reset_prompt.last_triggered_for_default_search
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
prefs.preference_reset_time
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
browser.show_home_button
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
homepage_is_newtabpage
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
version
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\66608
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowProperties\66608
WindowTabManagerFileMappingId
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
lastrun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
lastrun
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
StatusCodes
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
state
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
user_experience_metrics.stability.exited_cleanly
There are 142 hidden registries, click here to show them.