Files
File Path
|
Type
|
Category
|
Malicious
|
|
---|---|---|---|---|
file.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\0e00f2d3-da92-4a76-9003-31ebd7e4f5f4.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\2a82bf36-3109-499c-a09b-dd0f41a0a5df.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\47155aac-479d-4ec1-84f4-f9c668b9bec4.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\55671503-efd2-4539-a0c0-4338fd35365c.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\574b6902-6bad-4524-b9b8-522d1058595e.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\58bf19db-d52e-4607-8b79-3c50f8d40d55.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Ad Blocking\b7657620-5c5d-465b-8de5-7c4edd145049.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Ad Blocking\blocklist (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics-spare.pma (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics-spare.pma.tmp
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics\BrowserMetrics-66D363F1-1C80.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\BrowserMetrics\BrowserMetrics-66D363F1-1D84.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\settings.dat
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Crashpad\throttle_store.dat
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\1337456d-e740-471d-b72b-0924a5afacbe.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\522ecc12-af21-4c9a-bd54-b5dc7f9f285c.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\5e28b23a-fb8b-4067-b53a-0a6766b9947e.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\6cad41c5-f774-4a76-8839-31ec1d79c7c1.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\7c73e3d7-f548-4460-9041-1a99173fca7f.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\000003.log
|
data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Asset Store\assets.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\AssistanceHome\AssistanceHomeSQLite
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_0
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\f_000001
|
gzip compressed data, was "asset", last modified: Fri Aug 2 18:10:34 2024, max compression, original size modulo 2^32 374872
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\js\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Code Cache\wasm\index-dir\the-real-index (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeEDrop\EdgeEDropSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 14, database pages 8, cookie 0xe, schema 4, UTF-8,
version-valid-for 14
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 5
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\EntityExtraction\domains_config.json
|
JSON data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Rules\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension Scripts\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Extension State\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ExtensionActivityComp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 1, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ExtensionActivityEdge
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 8, cookie 0x8, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Favicons
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 10, cookie
0x8, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\GPUCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\History
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 38, cookie 0x1f, schema 4,
UTF-8, version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\History-journal
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\HubApps Icons
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\CURRENT
(copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Local Storage\leveldb\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Login Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 25, cookie
0xe, schema 4, UTF-8, version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network Action Predictor
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 11, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\444e2a0d-b3c2-4950-b501-2f53c8f4cc3f.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\723585bf-b55c-4e63-a113-0a857d4cba18.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Cookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Network Persistent State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Network Persistent State~RF3b2b7.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 6
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\SCT Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\SCT Auditing Pending Reports~RF2938b.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Sdch Dictionaries (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\Trust Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\a60bc9e2-33c6-4ee2-ad1e-4314037fcc22.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\a7312b5d-cf47-4c90-b0e5-3d0812e4c795.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Network\d54b867b-a0ca-435b-abb4-36f5f4220635.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences~RF32481.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Preferences~RF39991.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\PreferredApps
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\README
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Secure Preferences (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Secure Preferences~RF2f310.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Session Storage\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Shortcuts
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Site Characteristics Database\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\js\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\temp-index
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Code Cache\wasm\index-dir\the-real-index
(copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local
Storage\leveldb\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\1f75e147-9357-4361-8cc6-4fc2e04f2caa.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\708cf4c3-6169-4b32-8212-2ad3bff69c52.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State~RF3b2c7.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Reporting
and NEL
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT
Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch
Dictionaries (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust
Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\bae4c345-9561-48da-b9bc-0c4333d60931.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\e73ac06e-4a02-4a2e-9709-6ecb37133469.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session
Storage\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Sync Data\LevelDB\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Top Sites
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Visited Links
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 4, database pages 89, cookie
0x36, schema 4, UTF-8, version-valid-for 4
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\WebAssistDatabase
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 7, cookie
0xb, schema 4, UTF-8, version-valid-for 10
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\arbitration_service_config.json
|
ASCII text, with very long lines (3951), with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\ba9fa407-8d67-4509-a246-dd7ce4bdcf9c.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\f5f01fd5-5362-45a0-bd8b-2ef0b9f62487.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\heavy_ad_intervention_opt_out.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 4, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db
|
SQLite 3.x database, last written using SQLite version 3042000, writer version 2, read version 2, file counter 1, database
pages 1, cookie 0, schema 0, unknown 0 encoding, version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-journal
|
SQLite Rollback Journal
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-shm
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\load_statistics.db-wal
|
SQLite Write-Ahead Log, version 3007000
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\000003.log
|
data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Default\shared_proto_db\metadata\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GrShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\GraphiteDawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Last Browser
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF286f9.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF288ed.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF288fc.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF2afce.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF2f6f8.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF34b81.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF37243.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF39972.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Local State~RF3fb68.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\ShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSettings
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSynchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\customSynchronousLookupUris_0
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\edgeSettings
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\edgeSettings_2.0-0
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\synchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\topTraffic
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\Variations
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\beb9b3d0-c6ba-4902-9628-4b5b0f4da751.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\dbaa9f8d-b7ec-49ef-91cb-cbd371fa333b.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\e0e1524f-f840-49e8-9279-cf9a93f4392a.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\e32383c4-1894-4cc3-920b-cb9447e559d1.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data Kiosk\fd99e337-746a-43d6-8cd4-775674b362dc.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\177adf83-5957-434f-8316-2f729e397320.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\20f7a189-ea90-4911-89fd-5597aea7a488.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\4a6620f0-8903-411c-b8db-1367f9a488b4.tmp
|
JSON data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\576948ec-286f-4fa1-934a-efb74accc4a8.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\626d694a-4754-4b93-ba8e-c2efb2a92713.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\7bf1f06c-d804-40af-bb8d-d0976532d843.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\865d5336-d9de-4676-a303-c53539becabc.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\1442123d-1b63-4224-953f-d34c4014ef27.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D36404-23F8.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D3640C-9C8.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D36414-193C.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-66D36422-15CC.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\CrashpadMetrics-active.pma
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\0d8ac55e-f3f3-4cee-85dd-501c8a6a4fb8.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\158705c2-1f64-4b60-ae86-8c52606d335f.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\60d57c62-4208-4799-9283-ab5d25f7c8fd.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\70aeab96-f7db-4a11-a98a-be792909b176.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log
|
data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AssistanceHome\AssistanceHomeSQLite
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeEDrop\EdgeEDropSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 14, database pages 8, cookie 0xe, schema 4, UTF-8,
version-valid-for 14
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 5
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ExtensionActivityComp
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 1, cookie 0x1, schema 4, UTF-8,
version-valid-for 1
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ExtensionActivityEdge
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 8, cookie 0x8, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 39, 1st free page 10, free
pages 4, cookie 0x45, schema 4, UTF-8, version-valid-for 3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 7, cookie 0x3, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 28, cookie
0x1d, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 11, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\102066f4-e8d2-43c3-ae92-d8507ebf35ea.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\23a14588-d4eb-465a-9330-862f77463478.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\9c42a6c1-1720-4eee-ba7e-a5e0be0a0a10.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\9e0b9240-1ff5-4758-bb25-ab6066ea58c8.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8,
version-valid-for 7
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF2fda0.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF3ec07.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL
|
SQLite 3.x database, last written using SQLite version 3035005, file counter 4, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF2d73b.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF2e5a3.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity~RF2fdde.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Trust Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\b5af0d87-0fd1-43a2-9e9d-3debfefeedfd.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\c5919c72-1653-4abe-add2-36bc772ab95a.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\fe69cd4e-7ec7-489a-bc29-3ca04510dd9c.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF352a5.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3e2b0.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\PreferredApps
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF33818.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\19bb8608-2dc6-4931-89cc-f7c471fc0a9a.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\23d5c383-d4bc-4ee8-8da8-0c1d2c0142b6.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\761f4463-4665-42ea-95be-4a5da2ea782b.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network
Persistent State~RF3fb97.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Reporting
and NEL
|
SQLite 3.x database, last written using SQLite version 3035005, file counter 4, database pages 9, cookie 0x4, schema 4, UTF-8,
version-valid-for 4
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT
Auditing Pending Reports (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT
Auditing Pending Reports~RF2e5b3.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch
Dictionaries (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust
Tokens
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8,
version-valid-for 3
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\d5c8f0e2-24dc-46fb-93de-d8c58dc88bf3.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old
(copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Top Sites
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 7, 1st free page 5, free pages
2, cookie 0x5, schema 4, UTF-8, version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data
|
SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 4, database pages 87, cookie
0x66, schema 4, UTF-8, version-valid-for 4
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\a261bd52-285f-40a0-b334-fcfd5dd4b98c.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json
|
ASCII text, with very long lines (3951), with CRLF line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\bc4145fe-6a9c-4c49-8ff8-7dfada9c5703.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\f1113fb8-4df6-4d25-9241-f361e065cf8f.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 4, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000001.dbtmp
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT (copy)
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\MANIFEST-000001
|
OpenPGP Secret Key
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2d17f.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2d18e.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2f0ce.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2f0ee.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2f0fd.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3105c.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3106c.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF343c1.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3bb71.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3e2b0.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF409d0.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF431e9.TMP (copy)
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history
|
SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8,
version-valid-for 2
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Safe Browsing\ChromeExtMalware.store (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Safe Browsing\ChromeExtMalware.store_new
|
data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_0
|
FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_3
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\index
|
FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSynchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSynchronousLookupUris_0
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-0
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris
|
ASCII text, with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\a7372aba-563d-4e57-ad93-1a8e65d6bc7c.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\bff8486a-a5b4-49e6-93d0-376668b1200c.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\cb23c675-b93b-49ff-8e30-4a38cbc50b99.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\d5bb70d6-7ef7-4e1d-a00e-63f9002f558f.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\d7a1c89c-edda-4c1f-9cf6-190a5183fb37.tmp
|
JSON data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\de4cb353-5dee-455d-a130-1e45ddc20db5.tmp
|
JSON data
|
modified
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\e4437ba3-6355-440a-a2e2-c3ad4e1209cd.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\Edge\User Data\fed26de3-13a1-4d22-80f3-abb14efc5c66.tmp
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres
|
data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\1725735e-29de-425f-8e73-1af5ea33081e.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\7827935c-f04a-4cf0-be0b-5daacd06ca56.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\84cd0da3-091c-49cd-8f05-4fa717d4e6eb.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\b5406a74-a832-43b7-b2ce-941e74982668.tmp
|
very short file (no magic)
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\cv_debug.log
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\84cd0da3-091c-49cd-8f05-4fa717d4e6eb.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\128.png
|
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\af\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\am\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\ar\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\az\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\be\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\bg\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\bn\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\ca\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\cs\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\cy\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\da\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\de\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\el\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\en\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\en_CA\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\en_GB\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\en_US\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\es\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\es_419\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\et\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\eu\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\fa\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\fi\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\fil\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\fr\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\fr_CA\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\gl\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\gu\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\hi\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\hr\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\hu\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\hy\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\id\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\is\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\it\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\iw\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\ja\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\ka\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\kk\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\km\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\kn\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\ko\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\lo\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\lt\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\lv\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\ml\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\mn\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\mr\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\ms\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\my\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\ne\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\nl\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\no\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\pa\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\pl\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\pt_BR\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\pt_PT\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\ro\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\ru\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\si\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\sk\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\sl\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\sr\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\sv\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\sw\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\ta\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\te\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\th\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\tr\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\uk\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\ur\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\vi\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\zh_CN\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\zh_HK\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\zh_TW\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_locales\zu\messages.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\dasherSettingSchema.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\manifest.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\offscreendocument.html
|
HTML document, ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\offscreendocument_main.js
|
ASCII text, with very long lines (4369)
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\page_embed_script.js
|
ASCII text
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1732555133\CRX_INSTALL\service_worker_bin_prod.js
|
ASCII text, with very long lines (4369)
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1966509553\7827935c-f04a-4cf0-be0b-5daacd06ca56.tmp
|
Google Chrome extension, version 3
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1966509553\CRX_INSTALL\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1966509553\CRX_INSTALL\content.js
|
Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1966509553\CRX_INSTALL\content_new.js
|
Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
|
dropped
|
||
C:\Users\user\AppData\Local\Temp\scoped_dir9208_1966509553\CRX_INSTALL\manifest.json
|
JSON data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\3OEA6NEY1Q5GVHL1C2CC.temp
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\875a60a09683c344.customDestinations-ms (copy)
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\EOXGAZIPATE2HR4F9WOT.temp
|
data
|
dropped
|
||
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccba5a5986c77e43.customDestinations-ms (copy)
|
data
|
dropped
|
There are 516 hidden files, click here to show them.
Processes
Path
|
Cmdline
|
Malicious
|
|
---|---|---|---|
C:\Users\user\Desktop\file.exe
|
"C:\Users\user\Desktop\file.exe"
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI
--disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2164 --field-trial-handle=2096,i,18383972108529384836,11793983287344144029,262144
--disable-features=TranslateUI /prefetch:3
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --edge-kiosk-type=fullscreen --no-first-run --disable-features=TranslateUI
--disable-popup-blocking --disable-extensions --no-default-browser-check --app=https://accounts.google.com/ServiceLogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password
--flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2300 --field-trial-handle=2032,i,15502300999554502982,58084370835951274,262144
--disable-features=TranslateUI /prefetch:3
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService
--lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7760 --field-trial-handle=2032,i,15502300999554502982,58084370835951274,262144
--disable-features=TranslateUI /prefetch:8
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor
--lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=3436 --field-trial-handle=2032,i,15502300999554502982,58084370835951274,262144
--disable-features=TranslateUI /prefetch:8
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7340 --field-trial-handle=2032,i,15502300999554502982,58084370835951274,262144
--disable-features=TranslateUI /prefetch:8
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7340 --field-trial-handle=2032,i,15502300999554502982,58084370835951274,262144
--disable-features=TranslateUI /prefetch:8
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2292 --field-trial-handle=2032,i,8352793268309745401,7531272831810527599,262144
/prefetch:3
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService
--lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=4080 --field-trial-handle=2032,i,8352793268309745401,7531272831810527599,262144
/prefetch:8
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=5984 --field-trial-handle=2032,i,8352793268309745401,7531272831810527599,262144
/prefetch:8
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=5984 --field-trial-handle=2032,i,8352793268309745401,7531272831810527599,262144
/prefetch:8
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2260 --field-trial-handle=1960,i,15799680679975826435,5556209134532581845,262144
/prefetch:3
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2264 --field-trial-handle=2108,i,1270928443281422738,12119147721520445280,262144
/prefetch:3
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
|
||
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
|
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService
--lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2124 --field-trial-handle=2088,i,1395523319678171847,346153623225115163,262144
/prefetch:3
|
There are 10 hidden processes, click here to show them.
URLs
Name
|
IP
|
Malicious
|
|
---|---|---|---|
https://www.office.com/
|
unknown
|
||
https://chrome.cloudflare-dns.com
|
unknown
|
||
https://duckduckgo.com/chrome_newtab
|
unknown
|
||
https://duckduckgo.com/ac/?q=
|
unknown
|
||
https://msn.com
|
unknown
|
||
https://www.google.com/images/branding/product/ico/googleg_lodp.ico
|
unknown
|
||
https://drive-daily-2.corp.google.com/
|
unknown
|
||
https://drive-autopush.corp.google.com/
|
unknown
|
||
https://drive-daily-4.corp.google.com/
|
unknown
|
||
https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
|
unknown
|
||
https://www.office.com/Office
|
unknown
|
||
https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
|
unknown
|
||
https://drive-daily-1.corp.google.com/
|
unknown
|
||
https://drive-daily-5.corp.google.com/
|
unknown
|
||
https://www.google.com/favicon.ico
|
142.250.81.228
|
||
https://docs.google.com/
|
unknown
|
||
https://bzib.nelreports.net/api/report?cat=bingbusiness
|
unknown
|
||
https://chrome.cloudflare-dns.com/dns-query
|
162.159.61.3
|
||
https://drive-staging.corp.google.com/
|
unknown
|
||
https://www.google.com/chrome
|
unknown
|
||
https://drive-daily-6.corp.google.com/
|
unknown
|
||
https://drive.google.com/
|
unknown
|
||
https://drive-daily-0.corp.google.com/
|
unknown
|
||
https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
|
unknown
|
||
https://chromewebstore.google.com/
|
unknown
|
||
https://drive-preprod.corp.google.com/
|
unknown
|
||
https://clients2.googleusercontent.com
|
unknown
|
||
https://chrome.google.com/webstore/
|
unknown
|
||
https://myaccount.google.com/signinoptions/passwordC:
|
unknown
|
||
https://clients2.googleusercontent.com/crx/blobs/AY4GWKBMNax_FQrZEVzNkO_0mu3UShnzR6AihR_EPjVIUOT_pwZzkWCpOk8YKIu0qnIq_YObWXuPyiJ7NA0nDjMHUEYIIEknsNvJHXuPd0MqxESzoxi9xiMyJKNwZiVV1yEAxlKa5UVe61sINARQ7fO9dE0bkfP_W4GG/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_80_1_0.crx
|
172.217.18.1
|
||
https://drive-daily-3.corp.google.com/
|
unknown
|
There are 21 hidden URLs, click here to show them.
Domains
Name
|
IP
|
Malicious
|
|
---|---|---|---|
chrome.cloudflare-dns.com
|
172.64.41.3
|
||
googlehosted.l.googleusercontent.com
|
172.217.18.1
|
||
s-part-0032.t-0009.t-msedge.net
|
13.107.246.60
|
||
sni1gl.wpc.nucdn.net
|
152.199.21.175
|
||
clients2.googleusercontent.com
|
unknown
|
||
bzib.nelreports.net
|
unknown
|
IPs
IP
|
Domain
|
Country
|
Malicious
|
|
---|---|---|---|---|
13.107.246.40
|
unknown
|
United States
|
||
152.195.19.97
|
unknown
|
United States
|
||
192.168.2.4
|
unknown
|
unknown
|
||
13.107.246.60
|
s-part-0032.t-0009.t-msedge.net
|
United States
|
||
162.159.61.3
|
unknown
|
United States
|
||
142.250.65.238
|
unknown
|
United States
|
||
23.223.209.207
|
unknown
|
United States
|
||
172.64.41.3
|
chrome.cloudflare-dns.com
|
United States
|
||
142.250.81.228
|
unknown
|
United States
|
||
172.217.18.1
|
googlehosted.l.googleusercontent.com
|
United States
|
||
142.250.65.206
|
unknown
|
United States
|
||
239.255.255.250
|
unknown
|
Reserved
|
There are 2 hidden IPs, click here to show them.
Registry
Path
|
Value
|
Malicious
|
|
---|---|---|---|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
MicrosoftEdgeAutoLaunch_5736606B9E4AF5D84DA5A728AAAD52EB
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
|
MicrosoftEdgeAutoLaunch_C366A24065C39A1BE76E148DC2D0A868
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
metricsid
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
metricsid_installdate
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
metricsid_enableddate
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
media.cdm.origin_data
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PrefsLightweight
|
lw_a5d6a53e96afdef13bf25bb88d9341c7
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\Clients\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}\Commands\on-logon-autolaunch
|
Enabled
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
|
ProfileErrorState
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles
|
EnhancedLinkOpeningDefault
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.reporting
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
media.storage_id_salt
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_startup_urls
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.prompt_wave
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.account_id
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.prompt_seed
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_homepage
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.last_username
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
default_search_provider_data.template_url_data
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
safebrowsing.incidents_sent
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
pinned_tabs
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
search_provider_overrides
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
edge.services.last_account_id
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
software_reporter.prompt_version
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
session.startup_urls
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
session.restore_on_startup
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
settings_reset_prompt.last_triggered_for_default_search
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
browser.show_home_button
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
homepage
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
homepage_is_newtabpage
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
version
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PrefsLightweight
|
lw_13bbe73648289fe96dfa1aa1bf23b3da
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\Profiles\Default
|
ShortcutName
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ghbmnnjooekpmoecnnnilnnbdlolhkhi
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default
|
prefs.preference_reset_time
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ahfgeienlihckogmohjhadlkjgocpleb
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
dgiklkfkllikcanfonkcabmbdfmgleag
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
fikbjbembnmfhppjfnmfkahdhfohhjmg
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ghbmnnjooekpmoecnnnilnnbdlolhkhi
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
iglcjdemknebjbklcgkfaebgojjphkec
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ihmafllikibpmigkcoadcmckbfhibefp
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jdiccldimpdaibmpdkjnbmckianbfold
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
jmjflgjpcpepeafmmgdpfkogkghcpiha
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
mhjfbmdgcfjbbpaeojofohoefgiehjai
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
ncbjelpjchkpbikbpkcchkhkblodoama
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
|
nkeimhogjdpnpccoofpliimaahmaaome
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\EdgeUpdate\ClientState\{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}
|
lastrun
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\ThirdParty
|
StatusCodes
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\BLBeacon
|
state
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
||
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Edge\StabilityMetrics
|
user_experience_metrics.stability.exited_cleanly
|
There are 100 hidden registries, click here to show them.
Memdumps
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
---|---|---|---|---|
9D0000
|
heap
|
page read and write
|
||
12A0000
|
heap
|
page read and write
|
||
F1000
|
unkown
|
page execute read
|
||
F0000
|
unkown
|
page readonly
|
||
18C000
|
unkown
|
page readonly
|
||
FFF000
|
stack
|
page read and write
|
||
1170000
|
heap
|
page read and write
|
||
F1000
|
unkown
|
page execute read
|
||
1BC000
|
unkown
|
page write copy
|
||
1BC000
|
unkown
|
page read and write
|
||
18C000
|
unkown
|
page readonly
|
||
1C0000
|
unkown
|
page write copy
|
||
1270000
|
heap
|
page read and write
|
||
11B0000
|
heap
|
page read and write
|
||
1B2000
|
unkown
|
page readonly
|
||
3794000
|
heap
|
page read and write
|
||
969000
|
stack
|
page read and write
|
||
F0000
|
unkown
|
page readonly
|
||
1278000
|
heap
|
page read and write
|
||
1C4000
|
unkown
|
page readonly
|
||
FDB000
|
stack
|
page read and write
|
||
12A3000
|
heap
|
page read and write
|
||
1C4000
|
unkown
|
page readonly
|
||
9E0000
|
heap
|
page read and write
|
||
11E0000
|
heap
|
page read and write
|
||
1B2000
|
unkown
|
page readonly
|
||
FCE000
|
stack
|
page read and write
|
||
FEF000
|
stack
|
page read and write
|
||
FBE000
|
stack
|
page read and write
|
||
3790000
|
heap
|
page read and write
|
There are 20 hidden memdumps, click here to show them.